Something mysterious, probably a virus

Marvilian
Visitor
Posts: 13
Registered: 25 Nov 2017 14:48

#1 Post by Marvilian »

Hello,
please help. I have some kind of virus or something on my PC that has changed all the ads into some Russian junk and photos of models and who knows what else. The main problem is that when I open any page, the first click opens the same page in a new window and loads some ad (a different one each time) in the first one. ESET blocks some of them and not others, so I try to close them right away. Normally I would wipe the computer, format it and reinstall, but right now I can't, because it holds a lot of important data that I can't afford to lose and a few programs that I can't remove and reinstall without losing settings etc. that I spent a long time configuring and fine-tuning. Thank you very much in advance for your help. I am adding the RSIT log below.


Logfile of random's system information tool 1.10 (written by random/random)
Run by PCMvDDesigns at 2017-11-25 14:55:52
Microsoft Windows 7 Ultimate Service Pack 1
System drive F: has 23 GB (20%) free of 114 GB
Total RAM: 8190 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:55:59, on 25.11.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
F:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
F:\Program Files (x86)\AVG Web TuneUp\vprot.exe
F:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
F:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
F:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
F:\Program Files\trend micro\PCMvDDesigns.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = F:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - F:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - F:\Program Files (x86)\AVG Web TuneUp\4.3.8.566\AVG Web TuneUp.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - F:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [BCSSync] "F:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [DivXMediaServer] F:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [CanonQuickMenu] F:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [Dropbox] "F:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [vProt] "F:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "F:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [CCleaner Monitoring] "F:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "F:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "F:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://F:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://F:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: f:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: f:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - F:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - F:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - F:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - F:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - F:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - F:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - F:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - F:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - F:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - F:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - F:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - F:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - F:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - F:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - F:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - F:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - F:\Windows\system32\lsass.exe (file missing)
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - f:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - F:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - F:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - F:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - F:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - F:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - F:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - F:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - F:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.3.8 - Unknown owner - F:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - F:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - F:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - F:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - F:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - F:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 10195 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
F:\Windows\system32\services.exe
winlogon.exe
F:\Windows\system32\lsass.exe
F:\Windows\system32\lsm.exe
F:\Windows\system32\svchost.exe -k DcomLaunch
"F:\Program Files\ESET\ESET Security\ekrn.exe"
"F:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
F:\Windows\system32\svchost.exe -k RPCSS
F:\Windows\system32\atiesrxx.exe
F:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
F:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
F:\Windows\system32\svchost.exe -k netsvcs
F:\Windows\system32\svchost.exe -k GPSvcGroup
F:\Windows\system32\svchost.exe -k LocalService
F:\Windows\system32\svchost.exe -k NetworkService
atieclxx
F:\Windows\System32\spoolsv.exe
F:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"F:\Program Files (x86)\Bonjour\mDNSResponder.exe"
F:\Windows\system32\DbxSvc.exe
F:\Windows\System32\svchost.exe -k utcsvc
F:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"F:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
"F:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
F:\Windows\System32\svchost.exe -k HPZ12
F:\Windows\System32\svchost.exe -k HPZ12
"f:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
F:\Windows\system32\svchost.exe -k imgsvc
"F:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe"
"F:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2104
F:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"F:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4672579f-b1be-4955-bcc2-d99251b0e039 -SystemEventPortName:HostProcess-4ee326fc-a2bf-4b5c-af5f-a737649e4234 -IoCancelEventPortName:HostProcess-16d219d0-7199-4aef-b00c-2e6192f937e2 -NonStateChangingEventPortName:HostProcess-a7876c32-954c-474c-a2cb-3f68cafd8fec -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3afc4bba-2092-4d62-9164-05de926351b8 -DeviceGroupId:
"taskhost.exe"
"F:\Windows\system32\Dwm.exe"
F:\Windows\Explorer.EXE
"F:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"F:\Program Files\ESET\ESET Security\egui.exe" /hide
"F:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon
"F:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
"F:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"F:\Program Files\Windows Media Player\wmpnetwk.exe"
"F:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
F:\Windows\splwow64.exe 8192
F:\Windows\System32\svchost.exe -k LocalServicePeerNet
"F:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE"
"F:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe" /MainProcess 3384 /PrinterName "Canon iP7200 series (kopie 2)" /ScannerName "" /Language cs-CZ /Startup

taskeng.exe {48FE8EBE-363D-44D2-81BF-4051A27C58DC}
taskeng.exe {1B47FDB0-7A5B-4C8A-8ED8-CC76432096B3}
F:\Windows\system32\wbem\wmiprvse.exe
"F:\Program Files\Opera\49.0.2725.47\opera.exe" --ran-launcher --started-from-shortcut
"F:\Program Files\Opera\49.0.2725.47\opera_crashreporter.exe" --ran-launcher --started-from-shortcut --crash-reporter-parent-id=2376
"F:\Users\PCMvDDesigns\Desktop\RSITx64.exe"

======Scheduled tasks folder======

F:\Windows\tasks\DropboxUpdateTaskMachineCore.job - F:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
F:\Windows\tasks\DropboxUpdateTaskMachineUA.job - F:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
F:\Windows\tasks\HPCeeScheduleForPCMvDDesigns.job - F:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForPCMvDDesigns (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - F:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - F:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - F:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - F:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - F:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - F:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-27 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - F:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - F:\Program Files (x86)\AVG Web TuneUp\4.3.8.566\AVG Web TuneUp.dll [2017-10-21 2261576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - F:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-27 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - F:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23 6141528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - F:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23 4445272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=F:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-11-09 9068040]
"egui"=F:\Program Files\ESET\ESET Security\ecmdS.exe [2017-11-23 324216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=F:\Program Files\CCleaner\CCleaner64.exe [2017-06-09 9807064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
F:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
F:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-11-13 3567928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
F:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
F:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2017-10-21 2187336]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=F:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"DivXMediaServer"=F:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2017-03-17 1046488]
"CanonQuickMenu"=F:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448]
"Dropbox"=F:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-11-13 3567928]
"vProt"=F:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2017-10-21 2187336]
"SunJavaUpdateSched"=F:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-05 587288]
"CloneCDTray"=F:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=F:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=F:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - F:\Windows\System32\Notepad.exe %1
.js - open - F:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-25 14:55:53 ----D---- F:\Program Files\trend micro
2017-11-25 14:55:52 ----D---- F:\rsit
2017-11-24 09:29:25 ----AC---- F:\Windows\system32\MRT-KB890830.exe
2017-11-24 09:23:24 ----SHD---- F:\Config.Msi
2017-11-24 09:22:36 ----A---- F:\Windows\SYSWOW64\mshtmled.dll
2017-11-24 09:22:36 ----A---- F:\Windows\SYSWOW64\inseng.dll
2017-11-24 09:22:36 ----A---- F:\Windows\SYSWOW64\iernonce.dll
2017-11-24 09:22:36 ----A---- F:\Windows\system32\iernonce.dll
2017-11-24 09:22:36 ----A---- F:\Windows\system32\ieetwproxystub.dll
2017-11-24 09:22:36 ----A---- F:\Windows\system32\ieetwcollector.exe
2017-11-24 09:22:35 ----A---- F:\Windows\SYSWOW64\vbscript.dll
2017-11-24 09:22:35 ----A---- F:\Windows\SYSWOW64\urlmon.dll
2017-11-24 09:22:35 ----A---- F:\Windows\SYSWOW64\occache.dll
2017-11-24 09:22:35 ----A---- F:\Windows\SYSWOW64\MshtmlDac.dll
2017-11-24 09:22:35 ----A---- F:\Windows\SYSWOW64\iedkcs32.dll
2017-11-24 09:22:35 ----A---- F:\Windows\system32\inseng.dll
2017-11-24 09:22:35 ----A---- F:\Windows\system32\ie4uinit.exe
2017-11-24 09:22:34 ----A---- F:\Windows\SYSWOW64\mshtml.dll
2017-11-24 09:22:34 ----A---- F:\Windows\SYSWOW64\msfeeds.dll
2017-11-24 09:22:34 ----A---- F:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-11-24 09:22:34 ----A---- F:\Windows\SYSWOW64\dxtrans.dll
2017-11-24 09:22:34 ----A---- F:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-24 09:22:33 ----A---- F:\Windows\SYSWOW64\iesetup.dll
2017-11-24 09:22:33 ----A---- F:\Windows\SYSWOW64\ieapfltr.dll
2017-11-24 09:22:33 ----A---- F:\Windows\system32\urlmon.dll
2017-11-24 09:22:33 ----A---- F:\Windows\system32\occache.dll
2017-11-24 09:22:33 ----A---- F:\Windows\system32\iedkcs32.dll
2017-11-24 09:22:32 ----A---- F:\Windows\SYSWOW64\jscript9diag.dll
2017-11-24 09:22:32 ----A---- F:\Windows\SYSWOW64\jscript.dll
2017-11-24 09:22:32 ----A---- F:\Windows\SYSWOW64\iertutil.dll
2017-11-24 09:22:32 ----A---- F:\Windows\system32\ieetwcollectorres.dll
2017-11-24 09:22:31 ----A---- F:\Windows\SYSWOW64\jsproxy.dll
2017-11-24 09:22:31 ----A---- F:\Windows\SYSWOW64\ieUnatt.exe
2017-11-24 09:22:31 ----A---- F:\Windows\SYSWOW64\ieui.dll
2017-11-24 09:22:31 ----A---- F:\Windows\SYSWOW64\ieframe.dll
2017-11-24 09:22:31 ----A---- F:\Windows\SYSWOW64\dxtmsft.dll
2017-11-24 09:22:31 ----A---- F:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-24 09:22:31 ----A---- F:\Windows\system32\msfeeds.dll
2017-11-24 09:22:31 ----A---- F:\Windows\system32\dxtrans.dll
2017-11-24 09:22:30 ----A---- F:\Windows\system32\iesetup.dll
2017-11-24 09:22:30 ----A---- F:\Windows\system32\ieapfltr.dll
2017-11-24 09:22:29 ----A---- F:\Windows\SYSWOW64\webcheck.dll
2017-11-24 09:22:29 ----A---- F:\Windows\SYSWOW64\mshtmlmedia.dll
2017-11-24 09:22:29 ----A---- F:\Windows\system32\vbscript.dll
2017-11-24 09:22:29 ----A---- F:\Windows\system32\iertutil.dll
2017-11-24 09:22:28 ----A---- F:\Windows\SYSWOW64\wininet.dll
2017-11-24 09:22:28 ----A---- F:\Windows\SYSWOW64\msrating.dll
2017-11-24 09:22:28 ----A---- F:\Windows\SYSWOW64\jscript9.dll
2017-11-24 09:22:28 ----A---- F:\Windows\system32\ieUnatt.exe
2017-11-24 09:22:27 ----A---- F:\Windows\system32\ieui.dll
2017-11-24 09:22:27 ----A---- F:\Windows\system32\dxtmsft.dll
2017-11-24 09:22:26 ----A---- F:\Windows\system32\webcheck.dll
2017-11-24 09:22:26 ----A---- F:\Windows\system32\mshtmlmedia.dll
2017-11-24 09:22:26 ----A---- F:\Windows\system32\mshtmled.dll
2017-11-24 09:22:26 ----A---- F:\Windows\system32\ieframe.dll
2017-11-24 09:22:25 ----A---- F:\Windows\system32\jscript9diag.dll
2017-11-24 09:22:25 ----A---- F:\Windows\system32\jscript9.dll
2017-11-24 09:22:25 ----A---- F:\Windows\system32\jscript.dll
2017-11-24 09:22:24 ----A---- F:\Windows\system32\wininet.dll
2017-11-24 09:22:24 ----A---- F:\Windows\system32\jsproxy.dll
2017-11-24 09:22:23 ----A---- F:\Windows\system32\msrating.dll
2017-11-24 09:22:23 ----A---- F:\Windows\system32\MshtmlDac.dll
2017-11-24 09:22:22 ----A---- F:\Windows\system32\mshtml.dll
2017-11-24 09:22:21 ----A---- F:\Windows\system32\ntoskrnl.exe
2017-11-24 09:22:21 ----A---- F:\Windows\system32\drivers\ntfs.sys
2017-11-24 09:22:20 ----A---- F:\Windows\SYSWOW64\ntoskrnl.exe
2017-11-24 09:22:20 ----A---- F:\Windows\SYSWOW64\ntkrnlpa.exe
2017-11-24 09:22:20 ----A---- F:\Windows\system32\win32k.sys
2017-11-24 09:22:19 ----A---- F:\Windows\system32\rpcrt4.dll
2017-11-24 09:22:19 ----A---- F:\Windows\system32\ntdll.dll
2017-11-24 09:22:19 ----A---- F:\Windows\system32\lsasrv.dll
2017-11-24 09:22:18 ----A---- F:\Windows\SYSWOW64\msexcl40.dll
2017-11-24 09:22:18 ----A---- F:\Windows\system32\wmp.dll
2017-11-24 09:22:18 ----A---- F:\Windows\system32\tquery.dll
2017-11-24 09:22:18 ----A---- F:\Windows\system32\kerberos.dll
2017-11-24 09:22:17 ----A---- F:\Windows\SYSWOW64\wmp.dll
2017-11-24 09:22:17 ----A---- F:\Windows\SYSWOW64\ntdll.dll
2017-11-24 09:22:17 ----A---- F:\Windows\SYSWOW64\kerberos.dll
2017-11-24 09:22:17 ----A---- F:\Windows\system32\schannel.dll
2017-11-24 09:22:17 ----A---- F:\Windows\system32\Query.dll
2017-11-24 09:22:17 ----A---- F:\Windows\system32\mssrch.dll
2017-11-24 09:22:17 ----A---- F:\Windows\system32\msctf.dll
2017-11-24 09:22:17 ----A---- F:\Windows\system32\kernel32.dll
2017-11-24 09:22:17 ----A---- F:\Windows\system32\drivers\srv.sys
2017-11-24 09:22:17 ----A---- F:\Windows\system32\advapi32.dll
2017-11-24 09:22:16 ----A---- F:\Windows\SYSWOW64\ucrtbase.dll
2017-11-24 09:22:16 ----A---- F:\Windows\SYSWOW64\tquery.dll
2017-11-24 09:22:16 ----A---- F:\Windows\SYSWOW64\schannel.dll
2017-11-24 09:22:16 ----A---- F:\Windows\SYSWOW64\rpcrt4.dll
2017-11-24 09:22:16 ----A---- F:\Windows\SYSWOW64\Query.dll
2017-11-24 09:22:16 ----A---- F:\Windows\SYSWOW64\mswstr10.dll
2017-11-24 09:22:16 ----A---- F:\Windows\SYSWOW64\msv1_0.dll
2017-11-24 09:22:16 ----A---- F:\Windows\SYSWOW64\msjint40.dll
2017-11-24 09:22:16 ----A---- F:\Windows\SYSWOW64\msctf.dll
2017-11-24 09:22:16 ----A---- F:\Windows\SYSWOW64\kernel32.dll
2017-11-24 09:22:16 ----A---- F:\Windows\system32\wlansec.dll
2017-11-24 09:22:16 ----A---- F:\Windows\system32\ucrtbase.dll
2017-11-24 09:22:16 ----A---- F:\Windows\system32\msv1_0.dll
2017-11-24 09:22:16 ----A---- F:\Windows\system32\KernelBase.dll
2017-11-24 09:22:16 ----A---- F:\Windows\system32\drivers\srv2.sys
2017-11-24 09:22:16 ----A---- F:\Windows\system32\drivers\mrxsmb10.sys
2017-11-24 09:22:15 ----A---- F:\Windows\SYSWOW64\wlansec.dll
2017-11-24 09:22:15 ----A---- F:\Windows\SYSWOW64\themeui.dll
2017-11-24 09:22:15 ----A---- F:\Windows\SYSWOW64\ncrypt.dll
2017-11-24 09:22:15 ----A---- F:\Windows\SYSWOW64\mssrch.dll
2017-11-24 09:22:15 ----A---- F:\Windows\SYSWOW64\ieetwproxystub.dll
2017-11-24 09:22:15 ----A---- F:\Windows\SYSWOW64\gdi32.dll
2017-11-24 09:22:15 ----A---- F:\Windows\SYSWOW64\certcli.dll
2017-11-24 09:22:15 ----A---- F:\Windows\SYSWOW64\advapi32.dll
2017-11-24 09:22:15 ----A---- F:\Windows\system32\wow64win.dll
2017-11-24 09:22:15 ----A---- F:\Windows\system32\wdigest.dll
2017-11-24 09:22:15 ----A---- F:\Windows\system32\themeui.dll
2017-11-24 09:22:15 ----A---- F:\Windows\system32\srcore.dll
2017-11-24 09:22:15 ----A---- F:\Windows\system32\SearchIndexer.exe
2017-11-24 09:22:15 ----A---- F:\Windows\system32\rpchttp.dll
2017-11-24 09:22:15 ----A---- F:\Windows\system32\ncrypt.dll
2017-11-24 09:22:15 ----A---- F:\Windows\system32\gdi32.dll
2017-11-24 09:22:15 ----A---- F:\Windows\system32\drivers\nwifi.sys
2017-11-24 09:22:15 ----A---- F:\Windows\system32\conhost.exe
2017-11-24 09:22:15 ----A---- F:\Windows\system32\certcli.dll
2017-11-24 09:22:15 ----A---- F:\Windows\system32\appidpolicyconverter.exe
2017-11-24 09:22:14 ----A---- F:\Windows\SYSWOW64\wlanmsm.dll
2017-11-24 09:22:14 ----A---- F:\Windows\SYSWOW64\wdigest.dll
2017-11-24 09:22:14 ----A---- F:\Windows\SYSWOW64\TSpkg.dll
2017-11-24 09:22:14 ----A---- F:\Windows\SYSWOW64\t2embed.dll
2017-11-24 09:22:14 ----A---- F:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-11-24 09:22:14 ----A---- F:\Windows\SYSWOW64\SearchIndexer.exe
2017-11-24 09:22:14 ----A---- F:\Windows\SYSWOW64\rpchttp.dll
2017-11-24 09:22:14 ----A---- F:\Windows\SYSWOW64\mssph.dll
2017-11-24 09:22:14 ----A---- F:\Windows\SYSWOW64\KernelBase.dll
2017-11-24 09:22:14 ----A---- F:\Windows\SYSWOW64\bcrypt.dll
2017-11-24 09:22:14 ----A---- F:\Windows\SYSWOW64\adtschema.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\wow64.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\wlanmsm.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\wlanhlp.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\winsrv.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\TSpkg.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\t2embed.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\SearchProtocolHost.exe
2017-11-24 09:22:14 ----A---- F:\Windows\system32\mssvp.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\mssphtb.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\mssph.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\drivers\srvnet.sys
2017-11-24 09:22:14 ----A---- F:\Windows\system32\drivers\mrxsmb20.sys
2017-11-24 09:22:14 ----A---- F:\Windows\system32\drivers\mrxsmb.sys
2017-11-24 09:22:14 ----A---- F:\Windows\system32\drivers\ksecpkg.sys
2017-11-24 09:22:14 ----A---- F:\Windows\system32\drivers\appid.sys
2017-11-24 09:22:14 ----A---- F:\Windows\system32\bcrypt.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\appidsvc.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\appidapi.dll
2017-11-24 09:22:14 ----A---- F:\Windows\system32\adtschema.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\wlanhlp.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\wlanapi.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\sspicli.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\atmfd.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\appidapi.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\wlanapi.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\smss.exe
2017-11-24 09:22:13 ----A---- F:\Windows\system32\SearchFilterHost.exe
2017-11-24 09:22:13 ----A---- F:\Windows\system32\drivers\usbhub.sys
2017-11-24 09:22:13 ----A---- F:\Windows\system32\drivers\ksecdd.sys
2017-11-24 09:22:13 ----A---- F:\Windows\system32\csrsrv.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\atmfd.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-24 09:22:13 ----A---- F:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\secur32.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\SearchFilterHost.exe
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\ntvdm64.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\mssvp.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\mssphtb.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\msscntrs.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\msaudite.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\cryptbase.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\credssp.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\auditpol.exe
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-24 09:22:12 ----A---- F:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-24 09:22:12 ----A---- F:\Windows\system32\wlansvc.dll
2017-11-24 09:22:12 ----A---- F:\Windows\system32\sspicli.dll
2017-11-24 09:22:12 ----A---- F:\Windows\system32\secur32.dll
2017-11-24 09:22:12 ----A---- F:\Windows\system32\rstrui.exe
2017-11-24 09:22:12 ----A---- F:\Windows\system32\ntvdm64.dll
2017-11-24 09:22:12 ----A---- F:\Windows\system32\msscntrs.dll
2017-11-24 09:22:12 ----A---- F:\Windows\system32\msaudite.dll
2017-11-24 09:22:12 ----A---- F:\Windows\system32\lsass.exe
2017-11-24 09:22:12 ----A---- F:\Windows\system32\drivers\usbccgp.sys
2017-11-24 09:22:12 ----A---- F:\Windows\system32\drivers\luafv.sys
2017-11-24 09:22:12 ----A---- F:\Windows\system32\cryptbase.dll
2017-11-24 09:22:12 ----A---- F:\Windows\system32\credssp.dll
2017-11-24 09:22:12 ----A---- F:\Windows\system32\auditpol.exe
2017-11-24 09:22:12 ----A---- F:\Windows\system32\appidcertstorecheck.exe
2017-11-24 09:22:12 ----A---- F:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-24 09:22:12 ----A---- F:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-24 09:22:12 ----A---- F:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-11-24 09:22:11 ----AH---- F:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-11-24 09:22:11 ----A---- F:\Windows\SYSWOW64\wow32.dll
2017-11-24 09:22:11 ----A---- F:\Windows\SYSWOW64\srclient.dll
2017-11-24 09:22:11 ----A---- F:\Windows\SYSWOW64\setup16.exe
2017-11-24 09:22:11 ----A---- F:\Windows\SYSWOW64\mssprxy.dll
2017-11-24 09:22:11 ----A---- F:\Windows\SYSWOW64\mssitlb.dll
2017-11-24 09:22:11 ----A---- F:\Windows\SYSWOW64\msshooks.dll
2017-11-24 09:22:11 ----A---- F:\Windows\SYSWOW64\instnm.exe
2017-11-24 09:22:11 ----A---- F:\Windows\SYSWOW64\fontsub.dll
2017-11-24 09:22:11 ----A---- F:\Windows\system32\wow64cpu.dll
2017-11-24 09:22:11 ----A---- F:\Windows\system32\sspisrv.dll
2017-11-24 09:22:11 ----A---- F:\Windows\system32\srclient.dll
2017-11-24 09:22:11 ----A---- F:\Windows\system32\setbcdlocale.dll
2017-11-24 09:22:11 ----A---- F:\Windows\system32\mssprxy.dll
2017-11-24 09:22:11 ----A---- F:\Windows\system32\mssitlb.dll
2017-11-24 09:22:11 ----A---- F:\Windows\system32\msshooks.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-11-24 09:22:10 ----AH---- F:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-11-24 09:22:10 ----A---- F:\Windows\SYSWOW64\wmploc.DLL
2017-11-24 09:22:10 ----A---- F:\Windows\SYSWOW64\user.exe
2017-11-24 09:22:10 ----A---- F:\Windows\SYSWOW64\spwmp.dll
2017-11-24 09:22:10 ----A---- F:\Windows\SYSWOW64\msobjs.dll
2017-11-24 09:22:10 ----A---- F:\Windows\SYSWOW64\lpk.dll
2017-11-24 09:22:10 ----A---- F:\Windows\SYSWOW64\dxmasf.dll
2017-11-24 09:22:10 ----A---- F:\Windows\SYSWOW64\dciman32.dll
2017-11-24 09:22:10 ----A---- F:\Windows\SYSWOW64\atmlib.dll
2017-11-24 09:22:10 ----A---- F:\Windows\SYSWOW64\apisetschema.dll
2017-11-24 09:22:10 ----A---- F:\Windows\system32\spwmp.dll
2017-11-24 09:22:10 ----A---- F:\Windows\system32\msobjs.dll
2017-11-24 09:22:10 ----A---- F:\Windows\system32\lpk.dll
2017-11-24 09:22:10 ----A---- F:\Windows\system32\fontsub.dll
2017-11-24 09:22:10 ----A---- F:\Windows\system32\dxmasf.dll
2017-11-24 09:22:10 ----A---- F:\Windows\system32\drivers\usbuhci.sys
2017-11-24 09:22:10 ----A---- F:\Windows\system32\drivers\usbport.sys
2017-11-24 09:22:10 ----A---- F:\Windows\system32\drivers\usbohci.sys
2017-11-24 09:22:10 ----A---- F:\Windows\system32\drivers\usbehci.sys
2017-11-24 09:22:10 ----A---- F:\Windows\system32\drivers\usbd.sys
2017-11-24 09:22:10 ----A---- F:\Windows\system32\dciman32.dll
2017-11-24 09:22:10 ----A---- F:\Windows\system32\atmlib.dll
2017-11-24 09:22:10 ----A---- F:\Windows\system32\apisetschema.dll
2017-11-24 09:22:09 ----A---- F:\Windows\system32\wmploc.DLL
2017-11-24 09:18:38 ----A---- F:\Windows\system32\invagent.dll
2017-11-24 09:18:38 ----A---- F:\Windows\system32\generaltel.dll
2017-11-24 09:18:38 ----A---- F:\Windows\system32\devinv.dll
2017-11-24 09:18:38 ----A---- F:\Windows\system32\CompatTelRunner.exe
2017-11-24 09:18:38 ----A---- F:\Windows\system32\centel.dll
2017-11-24 09:18:38 ----A---- F:\Windows\system32\aitstatic.exe
2017-11-24 09:18:38 ----A---- F:\Windows\system32\aepic.dll
2017-11-24 09:18:37 ----A---- F:\Windows\system32\appraiser.dll
2017-11-24 09:18:37 ----A---- F:\Windows\system32\aeinv.dll
2017-11-24 09:18:37 ----A---- F:\Windows\system32\acmigration.dll
2017-11-15 11:42:59 ----D---- F:\Program Files (x86)\SlySoft
2017-11-13 11:26:48 ----A---- F:\Windows\system32\drivers\dbx-stable.sys
2017-11-13 11:26:48 ----A---- F:\Windows\system32\drivers\dbx-dev.sys
2017-11-13 11:26:48 ----A---- F:\Windows\system32\drivers\dbx-canary.sys
2017-11-13 11:26:48 ----A---- F:\Windows\system32\DbxSvc.exe

======List of files/folders modified in the last 1 month======

2017-11-25 14:55:53 ----RD---- F:\Program Files
2017-11-25 14:55:31 ----D---- F:\Windows\Temp
2017-11-25 14:52:38 ----D---- F:\Windows\inf
2017-11-25 14:52:38 ----D---- F:\Windows\debug
2017-11-25 14:52:38 ----AD---- F:\Windows
2017-11-25 13:27:08 ----D---- F:\Windows\System32
2017-11-25 13:27:08 ----A---- F:\Windows\system32\PerfStringBackup.INI
2017-11-25 13:24:24 ----D---- F:\ProgramData\boost_interprocess
2017-11-25 13:23:39 ----D---- F:\Windows\system32\config
2017-11-24 20:40:09 ----D---- F:\Windows\rescache
2017-11-24 09:54:26 ----D---- F:\Windows\winsxs
2017-11-24 09:52:34 ----D---- F:\Windows\SYSWOW64\migration
2017-11-24 09:52:34 ----D---- F:\Windows\SYSWOW64\en-US
2017-11-24 09:52:34 ----D---- F:\Windows\SYSWOW64\cs-CZ
2017-11-24 09:52:34 ----D---- F:\Program Files\Windows Media Player
2017-11-24 09:52:34 ----D---- F:\Program Files\Internet Explorer
2017-11-24 09:52:34 ----D---- F:\Program Files (x86)\Windows Media Player
2017-11-24 09:52:34 ----D---- F:\Program Files (x86)\Internet Explorer
2017-11-24 09:52:33 ----D---- F:\Windows\SysWOW64
2017-11-24 09:52:33 ----D---- F:\Windows\system32\migration
2017-11-24 09:52:33 ----D---- F:\Windows\system32\en-US
2017-11-24 09:52:33 ----D---- F:\Windows\system32\drivers\cs-CZ
2017-11-24 09:52:33 ----D---- F:\Windows\system32\drivers
2017-11-24 09:52:33 ----D---- F:\Windows\system32\cs-CZ
2017-11-24 09:52:32 ----D---- F:\Windows\system32\DriverStore
2017-11-24 09:52:32 ----D---- F:\Windows\system32\Boot
2017-11-24 09:52:32 ----D---- F:\Windows\system32\appraiser
2017-11-24 09:52:32 ----D---- F:\Windows\AppPatch
2017-11-24 09:52:27 ----D---- F:\ProgramData\CanonIJPLM
2017-11-24 09:40:00 ----D---- F:\Windows\Microsoft.NET
2017-11-24 09:32:03 ----D---- F:\Windows\system32\MRT
2017-11-24 09:29:21 ----AC---- F:\Windows\system32\MRT.exe
2017-11-24 09:29:14 ----SHD---- F:\Windows\Installer
2017-11-24 09:22:58 ----SHD---- F:\System Volume Information
2017-11-24 09:20:08 ----D---- F:\Windows\system32\catroot2
2017-11-23 19:50:49 ----D---- F:\Windows\system32\Tasks
2017-11-23 19:50:49 ----D---- F:\Program Files\Opera
2017-11-23 15:01:49 ----D---- F:\Users\PCMvDDesigns\AppData\Roaming\signcut
2017-11-21 21:20:25 ----D---- F:\Program Files (x86)\FastShare
2017-11-21 14:09:32 ----RSD---- F:\Windows\Fonts
2017-11-16 01:21:57 ----D---- F:\Program Files (x86)\Dropbox
2017-11-15 11:43:21 ----HD---- F:\ProgramData
2017-11-15 11:43:02 ----D---- F:\Windows\SYSWOW64\drivers
2017-11-15 11:42:59 ----RD---- F:\Program Files (x86)
2017-11-14 19:18:17 ----A---- F:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-11-14 19:18:12 ----D---- F:\Windows\system32\Macromed
2017-11-14 19:18:05 ----D---- F:\Windows\SYSWOW64\Macromed
2017-10-27 09:01:42 ----D---- F:\ProgramData\Oracle
2017-10-27 08:44:39 ----D---- F:\Program Files (x86)\Java
2017-10-27 08:43:44 ----A---- F:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; F:\Windows\system32\DRIVERS\edevmon.sys [2017-05-04 107344]
R0 pciide;pciide; F:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; F:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; F:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; F:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; F:\Windows\system32\DRIVERS\eamonm.sys [2017-11-23 132848]
R1 ehdrv;ehdrv; F:\Windows\system32\DRIVERS\ehdrv.sys [2017-11-23 180088]
R1 ElbyCDIO;ElbyCDIO Driver; F:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 epfw;epfw; F:\Windows\system32\DRIVERS\epfw.sys [2017-05-04 78192]
R1 EpfwLWF;ESET Personal Firewall; F:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-05-04 60544]
R1 epfwwfp;epfwwfp; F:\Windows\system32\DRIVERS\epfwwfp.sys [2017-11-23 102160]
R1 vwififlt;Virtual WiFi Filter Driver; F:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R1 wfcre;wfcre; F:\Windows\system32\drivers\wfcre.sys [2017-07-04 124288]
R2 ekbdflt;ekbdflt; F:\Windows\system32\DRIVERS\ekbdflt.sys [2017-05-04 50752]
R2 HOSTNT;HOSTNT; F:\Windows\system32\drivers\HOSTNT.sys [2016-05-04 13864]
R3 amdkmdag;amdkmdag; F:\Windows\system32\DRIVERS\atikmdag.sys [2017-08-10 36574128]
R3 amdkmdap;amdkmdap; F:\Windows\system32\DRIVERS\atikmpag.sys [2017-08-10 538536]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; F:\Windows\system32\drivers\AtihdW76.sys [2016-04-01 104976]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; F:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-08-12 30264]
R3 ElbyCDFL;ElbyCDFL; F:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); F:\Windows\system32\drivers\RTKVHD64.sys [2016-11-09 5437960]
R3 MTsensor;ATK0110 ACPI UTILITY; F:\Windows\system32\DRIVERS\ASACPI.sys [2015-08-05 15416]
R3 pcouffin;VSO Software pcouffin; F:\Windows\System32\Drivers\pcouffin.sys [2015-08-14 82816]
R3 RTL8167;Realtek 8167 NT Driver; F:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 AndnetBus;LGE Mobile USB Composite Device; F:\Windows\system32\DRIVERS\lgandnetbus64.sys [2016-08-31 30208]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; F:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2016-08-24 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; F:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2016-08-24 37376]
S3 avgTap;AVG TAP Adapter v3; F:\Windows\system32\DRIVERS\avgTap.sys [2016-12-09 54888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; F:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); F:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; F:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; F:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dbx;dbx; F:\Windows\system32\DRIVERS\dbx.sys []
S3 Dot4;MS IEEE-1284.4 Driver; F:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; F:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; F:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 FTDIBUS;USB Serial Converter Driver; F:\Windows\system32\drivers\ftdibus.sys [2016-10-04 118160]
S3 FTSER2K;USB Serial Port Driver; F:\Windows\system32\drivers\ftser2k.sys [2016-10-04 88752]
S3 CH341_A64;CH341WDM_A64; F:\Windows\System32\Drivers\CH341W64.SYS [2009-06-11 31232]
S3 MarvinBus;Pinnacle Marvin Bus 64; F:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
S3 RDPDR;Terminal Server Device Redirector Driver; F:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; F:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); F:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8168;Realtek 8168 NT Driver; F:\Windows\system32\DRIVERS\Rt630x64.sys [2012-12-28 760032]
S3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter; F:\Windows\system32\DRIVERS\rtwlanu.sys [2013-03-06 1528976]
S3 s3cap;s3cap; F:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; F:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; F:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; F:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; F:\Windows\system32\drivers\tsusbhub.sys []
S3 UsbC;SafeNet MicroDog USB Device Driver; F:\Windows\system32\DRIVERS\rcusbwdm.sys [2016-05-04 80936]
S3 usbser;USB Serial emulation modem driver; F:\Windows\system32\DRIVERS\usbser.sys [2017-07-26 33280]
S3 VGPU;VGPU; F:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; F:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; F:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WDC_SAM;WD SCSI Pass Thru driver; F:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
S3 wdm_usb;wdm_usb; F:\Windows\system32\DRIVERS\usb2ser.sys [2016-08-16 159936]
S3 WinUsb;Android USB Driver; F:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AMD External Events Utility;AMD External Events Utility; F:\Windows\system32\atiesrxx.exe [2017-08-10 560552]
R2 Bonjour Service;Bonjour Service; F:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; F:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DbxSvc;DbxSvc; F:\Windows\system32\DbxSvc.exe [2017-11-13 51016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; F:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; F:\Program Files\ESET\ESET Security\ekrn.exe [2017-11-23 2648184]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; F:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2017-07-26 192200]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; F:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456]
R2 Net Driver HPZ12;Net Driver HPZ12; F:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; F:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato; f:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2014-04-30 337776]
R2 vToolbarUpdater40.3.8;vToolbarUpdater40.3.8; F:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe [2017-10-21 1365064]
R2 wlidsvc;Windows Live ID Sign-in Assistant; F:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; F:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; F:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 dbupdate;Dropbox Update Service (dbupdate); F:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04 143144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; F:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14 272384]
S3 dbupdatem;Dropbox Update Service (dbupdatem); F:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04 143144]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; F:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; F:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; F:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; F:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; F:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; F:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; F:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; F:\Windows\system32\Wat\WatAdminSvc.exe [2017-07-11 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; F:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; F:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@F:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; F:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@F:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; F:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@F:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; F:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118271
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Mysterious something, probably a virus

#2 Post by Rudy »

Hello!
How does your operating system stand as regards legality?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Marvilian
Visitor
Posts: 13
Joined: 25 Nov 2017 14:48

Re: Mysterious something, probably a virus

#3 Post by Marvilian »

Hello, I have no idea; I bought the PC second-hand and the system was already on it.

Rudy
Site Admin
Posts: 118271
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Mysterious something, probably a virus

#4 Post by Rudy »

OK. On the notebook there should be a sticker containing the text Windows7Ultimate and the license key. If there is a different sticker (with different text), the system is illegal.

Marvilian
Visitor
Posts: 13
Joined: 25 Nov 2017 14:48

Re: Mysterious something, probably a virus

#5 Post by Marvilian »

There is no sticker on it; the seller moved the insides of one PC into a different case for me and a few coolers were added. There were several stickers on the original case, but whether a license sticker was among them I really have no idea. Does this have any bearing on removing the virus?

Rudy
Site Admin
Posts: 118271
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Mysterious something, probably a virus

#6 Post by Rudy »

It doesn't, but we do not work on cracked operating systems. It is a risk: the system has been modified and we never know in advance how it will behave during cleaning.

Marvilian
Visitor
Posts: 13
Joined: 25 Nov 2017 14:48

Re: Mysterious something, probably a virus

#7 Post by Marvilian »

And how do you know it isn't genuine when even I don't know? But thanks anyway for the non-help.

Marvilian
Visitor
Posts: 13
Joined: 25 Nov 2017 14:48

Re: Mysterious something, probably a virus

#8 Post by Marvilian »

I think that if it were not genuine, then after all the years I have been running it, installing updates and downloading from Microsoft's site, they would have locked me out or informed me long ago that I don't have a legal system. I could even have reinstalled to a legal Win10 for free, but I didn't, because some of the programs I use no longer run on Windows 10. I only need to get rid of the virus; that is the only thing troubling me. From the threads I have read here, you have solved a heap of problems on illegal Windows installs, so what is the problem now? I could lie to you and say it is one hundred percent legal, but why would I do that when I need help? So can you please do something for me, or should I look for help elsewhere on another forum? Thank you for your reply.

Rudy
Site Admin
Posts: 118271
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Mysterious something, probably a virus

#9 Post by Rudy »

I only have a suspicion, which is why I asked. So that I can know, run this scan:

Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, check "For all users", "LOP malware check" and "PURITY malware check", and copy the following into the lower white box:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
and click >Scan<. Post both logs.

We do not work on cracked operating systems, because such a modified system can behave unpredictably during cleaning and we do not intend to then repair the system after a crash. That is not what we are here for; it has already happened several times and the users were very unhappy about it afterwards. If the scan is clean from a legality standpoint, we can use it to clean the system of malware and clutter.

Marvilian
Visitor
Posts: 13
Joined: 25 Nov 2017 14:48

Re: Mysterious something, probably a virus

#10 Post by Marvilian »

OTL Extras logfile created on: 25.11.2017 23:06:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\PCMvDDesigns\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18837)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,25 Gb Available Physical Memory | 65,61% Memory free
15,99 Gb Paging File | 12,62 Gb Available in Paging File | 78,92% Paging File free
Paging file location(s): f:\pagefile.sys 0 0 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\Windows | %ProgramFiles% = F:\Program Files (x86)
Drive C: | 148,95 Gb Total Space | 5,75 Gb Free Space | 3,86% Space Free | Partition Type: NTFS
Drive E: | 100,00 Mb Total Space | 61,56 Mb Free Space | 61,56% Space Free | Partition Type: NTFS
Drive F: | 111,79 Gb Total Space | 21,35 Gb Free Space | 19,10% Space Free | Partition Type: NTFS

Computer Name: PCMVDDESIGNS-PC | User Name: PCMvDDesigns | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- F:\Program Files\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- F:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- F:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- F:\Program Files\Opera\Launcher.exe (Opera Software)

[HKEY_USERS\S-1-5-21-4003898426-3328390683-1320366113-1001\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- F:\Program Files\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "F:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "F:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "F:\Windows\system32\rundll32.exe" "F:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "F:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
https [open] -- "F:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "F:\Windows\System32\rundll32.exe" "F:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "F:\Windows\System32\rundll32.exe" "F:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "F:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "F:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "F:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "F:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "F:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "F:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "F:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
https [open] -- "F:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "F:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "F:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "F:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{180599E7-C3C9-496C-98A2-6DB7341786A1}" = lport=5353 | protocol=17 | dir=in | app=f:\program files\opera\49.0.2725.47\opera.exe |
"{1F777BD9-A571-4671-B36B-F6CCB55EE628}" = lport=445 | protocol=6 | dir=in | app=system |
"{267EFDD6-E4E7-47F2-B166-6A0E8859170F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{26FB4222-643B-4768-A9EF-5D455779A038}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{277B1AF7-14CB-4B35-821B-6193F5E33B53}" = lport=137 | protocol=17 | dir=in | app=system |
"{34AB0020-EC68-4DD3-BEA9-EB1A89E88FF2}" = lport=6004 | protocol=17 | dir=in | app=f:\program files (x86)\microsoft office\office14\outlook.exe |
"{3A0285C0-4537-4B4C-9642-17F74C36CEF5}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{3DACED7B-D6B4-41BA-A7F7-C53FA53EDDE5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4FB8A7C2-52F5-469D-9BC5-9F8311456551}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{50E31AD6-5262-4CBB-900D-C28DA7944DB2}" = lport=138 | protocol=17 | dir=in | app=system |
"{5149452E-1EDD-4A16-B382-C688490848BF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{58B95255-7112-4364-BC7F-1CFFB00BE960}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5F6C17D3-2275-42C8-A3E5-02A213EDB560}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{644F7E90-1452-4969-8985-A032489032C6}" = rport=445 | protocol=6 | dir=out | app=system |
"{6DB05A00-D934-40BC-B22C-8DF3B34B08EF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{787C2B10-D1A7-483A-80D1-F6C96F89E662}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{91889DAB-6703-4E34-AC7C-F098B9E91092}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{92693D26-129D-4572-B3E9-325A161F6DA0}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{92A13A41-6307-4E95-B2F4-044140D1F337}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{96C2C2CD-8D53-463A-ADFE-1CC75AFFF552}" = rport=139 | protocol=6 | dir=out | app=system |
"{9AD4EF98-9373-488D-9569-493357818852}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9B1DB80C-D73A-46B1-91F9-2387A93B16FD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9BF714C5-11D2-4ADF-BCC3-25C6304F0EA0}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{9EC6752C-9C28-451C-8893-5074A753AD4D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9EF1DBAD-43B3-4122-84D9-C4189AA2DAD8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A439E17C-43F6-44D9-867B-EE74DF1372CA}" = rport=138 | protocol=17 | dir=out | app=system |
"{AABCDEAF-A831-4017-AEA1-F3EFE708811A}" = lport=5353 | protocol=17 | dir=in | app=f:\program files\opera\49.0.2725.39\opera.exe |
"{AABFE42A-CDAC-47F6-AD1F-0B42CEB8013E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ABD60896-6165-4D65-B4AC-8FF019ADFA16}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AC49DBB8-AAB7-4CAF-84A2-1E44720529D1}" = rport=137 | protocol=17 | dir=out | app=system |
"{C709AF77-6BE4-4AD4-BE5B-8366280453C4}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{C744414C-AB32-45C0-92BC-6F49BBE7A93A}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{C79039F5-041D-451B-8D18-4BE781ABC94C}" = lport=139 | protocol=6 | dir=in | app=system |
"{D61722EB-EF87-4B8D-BD9F-7FDD092F6516}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{D9E3A7E4-1F39-40F0-977E-D9082BB3EDAB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DC84EF9E-DCAE-4FEB-80D6-46DC2270CCDF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E61373C3-7F68-4812-91D6-30E0C30FAB60}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EC468E70-44FD-4AB9-B49E-7FF5F7273883}" = lport=6881 | protocol=6 | dir=in | name=war thunder |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05538F35-377F-449E-877B-49E0E2A2CD63}" = protocol=6 | dir=in | app=f:\program files (x86)\bonjour\mdnsresponder.exe |
"{0DEF08D1-5845-4A1B-B0B1-049DB367B00D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{18202376-C94C-45E8-8BE7-B2D5D98775A4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1F17769F-9ED6-466B-9FEF-62A9B5F60974}" = dir=in | app=f:\program files (x86)\dropbox\client\dropbox.exe |
"{2A1AD1E5-0150-4DB9-8070-A869F7BBEA74}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3038F7B3-1189-4A4E-AB70-111E9008BD91}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{381FABAA-4075-4A23-903F-262C4B1A8AE6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3A7A50A4-6E48-4E84-839F-F2BA73E6285B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3EDCC58C-DD8A-4159-99C6-178C209A9B40}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{40AF8756-6101-4021-970B-FD5A10E6A3FF}" = protocol=6 | dir=in | app=f:\program files (x86)\microsoft office\office14\onenote.exe |
"{417D7B09-F98B-4943-B25A-B4A17A943CE4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{42C6448D-E8A7-4B81-9F64-7B9F80C78F85}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4B7CF45A-945B-4E82-AA4B-CF497E2EF7FF}" = protocol=17 | dir=in | app=f:\program files (x86)\microsoft office\office14\onenote.exe |
"{4BA6ACB6-80A1-4D6A-834F-05C6D6FCEDA8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{59285C50-04AD-4FCD-BA5A-439040068734}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E844207-2D15-4F1D-AE86-C8763180C3D9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F5C5793-A54A-4F48-9DE9-D075C3EB8842}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60F377FD-080C-4337-A0B6-52A25289A352}" = protocol=6 | dir=in | app=f:\program files\corel\coreldraw graphics suite x7\programs64\coreldrw.exe |
"{7AC74C25-AEE5-4FD7-9B33-921C067CEB38}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{839A86C8-17DE-48A3-8346-5CF2CCF2CF06}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8B170503-B7D0-4F69-B8A9-6B9EF3989083}" = protocol=17 | dir=in | app=f:\program files (x86)\bonjour\mdnsresponder.exe |
"{8D748F80-7AE5-4AC5-B15F-853BAA7B34A6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A4DA439B-E5F0-410A-8B12-22ADF5B4DAA6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AFF129FE-415F-4437-BBA5-E30824C83719}" = protocol=6 | dir=out | app=system |
"{C922F85A-87F0-45ED-B1A9-A17B4AA9C256}" = protocol=17 | dir=in | app=f:\program files (x86)\microsoft office\office14\groove.exe |
"{E3AAFDE5-3C20-40AC-BA54-C5C33EF8B100}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E5F4B86C-3D44-47CD-A1ED-AB3390CDF842}" = protocol=6 | dir=in | app=f:\program files (x86)\microsoft office\office14\groove.exe |
"{F0AF33C6-63AE-468B-B6B1-7A94C6ADFFF1}" = protocol=6 | dir=in | app=f:\program files\corel\coreldraw graphics suite x7\programs64\corelpp.exe |
"TCP Query User{8E1742D9-4678-45A8-8BA6-CA2730D48C37}C:\games\dark sector\ds.exe" = protocol=6 | dir=in | app=c:\games\dark sector\ds.exe |
"TCP Query User{D38A6F5B-7BDA-4330-B75A-7DAD8EEC4819}C:\games\ghost recon advanced warfighter\graw.exe" = protocol=6 | dir=in | app=c:\games\ghost recon advanced warfighter\graw.exe |
"UDP Query User{3489E386-8893-450D-91F1-C5B06DC66786}C:\games\dark sector\ds.exe" = protocol=17 | dir=in | app=c:\games\dark sector\ds.exe |
"UDP Query User{CB93087A-C20D-424C-8010-1C954934FE53}C:\games\ghost recon advanced warfighter\graw.exe" = protocol=17 | dir=in | app=c:\games\ghost recon advanced warfighter\graw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{4DC318F5-1640-4417-A218-912ED9905FAA}" = Corel Graphics - Windows Shell Extension
"_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}" = CorelDRAW Graphics Suite X7 (64-Bit)
"{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series" = Canon iP7200 series Printer Driver
"{13179AB2-69FD-459B-800F-81865A501AD4}" = CorelDRAW Graphics Suite X7 - IPM (x64)
"{1A73168F-5983-46A6-AAAB-FD83BC231E02}" = CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F83F9CC-9CAC-4612-859D-891654C9DC0F}" = CorelDRAW Graphics Suite X7 - CT (x64)
"{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}" = Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS
"{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}" = CorelDRAW Graphics Suite X7 - Draw (x64)
"{2C91CB9D-323D-43E5-A433-229B71CFB773}" = CorelDRAW Graphics Suite X7 - Capture (x64)
"{2EF3A93A-569E-4FD7-A5DF-64AF588B4FBA}" = CorelDRAW Graphics Suite X7 - PL (x64)
"{2F884A17-E051-3DB7-B093-6274C98740F6}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 한국어 언어 팩
"{36B98E65-CA52-348C-9ED7-77B926A16C2D}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3B4AE1A9-C026-4D08-8004-DA9A85A411A4}" = Corel Graphics - Windows Shell Extension 32 Bit
"{3BB8EB77-737B-4B32-BAB9-08C7110C46BD}" = CorelDRAW Graphics Suite X7 - EN (x64)
"{3FF83303-2A88-4E85-96A1-1B644B024FF0}" = ESET Smart Security
"{44FC9E77-F65B-3ED1-B6A5-30C9BA6B2592}" = Microsoft .NET Framework 4.7 (CSY)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4DC318F5-1640-4417-A218-912ED9905FAA}" = Corel Graphics - Windows Shell Extension
"{5025968D-10D4-44B2-A31C-42E020CDE399}" = CorelDRAW Graphics Suite X7 - JP (x64)
"{5162E418-BB43-4C8F-ACD6-069645EF98C3}" = CorelDRAW Graphics Suite X7 - Custom Data (x64)
"{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}" = CorelDRAW Graphics Suite X7 - FontNav (x64)
"{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}" = CorelDRAW Graphics Suite X7 - VBA (x64)
"{5707EC26-AA9F-32C6-B7C1-347A3482CEC0}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support
"{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}" = CorelDRAW Graphics Suite X7 - Setup Files (x64)
"{65168D5C-A6DD-4C1B-BF5C-860A39CDD05E}" = CorelDRAW Graphics Suite X7 - ES (x64)
"{6533647D-136C-43B8-8966-712EF27F5CEE}" = CorelDRAW Graphics Suite X7 - NL (x64)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{73A36613-1F8F-3D94-B28A-4CC0E3CAECB5}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA
"{73A64813-E631-3807-8E78-BA679EDA09A8}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 日本語 Language Pack
"{811C0940-9502-4A27-A9C5-A9A7ED853BD9}" = CorelDRAW Graphics Suite X7 - IT (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C196158-5F89-4C88-AA33-2D57D67AA5D7}" = CorelDRAW Graphics Suite X7 - RU (x64)
"{8EA70EAF-41AB-491C-A163-9BA1ADA004EB}" = CorelDRAW Graphics Suite X7 - DE (x64)
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}" = CorelDRAW Graphics Suite X7 - Common (x64)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.7 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.7
"{966996DC-D67C-40E3-8BD4-31FA0F093571}" = CorelDRAW Graphics Suite X7 - VideoBrowser (x64)
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A6B7D078-EDC4-4D8A-BD3D-CB2B11440219}" = CGS17_Setup_x64
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{BA14C6F7-A633-3E88-831B-FCC197A5A17D}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Module linguistique Français
"{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026
"{BCF0C1F7-671C-3922-A7EA-8AC11F4FC0EB}" = Microsoft .NET Framework 4.7
"{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}" = CorelDRAW Graphics Suite X7 - Connect (x64)
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}" = CorelDRAW Graphics Suite X7 - Redist (x64)
"{C922F325-DD52-4E22-B204-431A06E63E51}" = CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64)
"{CD56C9B9-FB98-372B-8BC7-FDA312CD2511}" = Microsoft Visual Studio Tools for Applications 2012 x64 托管支持 - 简体中文语言包
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D10A5CFA-FE33-4F06-AE37-554604F00A52}" = CorelDRAW Graphics Suite X7 - Filters (x64)
"{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}" = CorelDRAW Graphics Suite X7 - Writing Tools (x64)
"{DCCD0EF6-DFCF-4D31-B71D-2AAC24C6AB16}" = CorelDRAW Graphics Suite X7 - CZ (x64)
"{DDDF762A-2D1D-36A3-9B70-70BD62B4EDCF}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN
"{E237254B-36A1-3D27-815E-B37C13BE0796}" = Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB
"{EF44BCCD-13F9-4974-862C-CCFAF43EE082}" = CorelDRAW Graphics Suite X7 - IPM Content (x64)
"{FA987EBD-79D8-4A2C-8018-4095AD215D3C}" = CorelDRAW Graphics Suite X7 - CS (x64)
"{FB501A6E-CA6D-36DA-8860-17F0E6D89155}" = Microsoft Visual Studio Tools for Applications 2012 x64 主控支援 - 繁體中文語言套件
"{FC41DFBE-6C39-4C84-949B-7CB1E6460C7A}" = CorelDRAW Graphics Suite X7 - BR (x64)
"{FC9BCB82-55E3-4328-868F-B19112B07B93}" = CorelDRAW Graphics Suite X7 - FR (x64)
"123D Design" = 123D Design R1.8
"Blender" = Blender
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"Meshmixer_x64" = Meshmixer
"Prusa3D_is1" = Prusa3D verze 1.6.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)
"{03077B58-6ACF-32CA-B42A-EAA458C295A1}" = Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB
"{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)
"{099218A5-A723-43DC-8DB5-6173656A1E94}" = Dropbox Update Helper
"{0CC8AE1D-F5AA-4143-8FAD-E017E0E9EE70}" = HP Customer Experience Enhancements
"{0FE6DE07-8CBA-3F73-86B4-51B91E506D24}" = Microsoft Visual Studio Tools for Applications 2012 x86 主控支援 - 繁體中文語言套件
"{101E5DB3-07FA-4E52-8923-05068C94CF43}" = LG AirDrive
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F32180151F0}" = Java 8 Update 151
"{29A7B663-0ABA-456E-8DF4-A464EE5EAFEA}" = VirtualDJ 8
"{3371699A-C1EF-3AC3-B094-D338191FA6E9}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{413A0A2B-D154-4457-833F-3299DB3183FF}" = Autodesk 123D Catch
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5950473A-825B-3019-AF86-55F2F9A95FCB}" = Microsoft Visual Studio Tools for Applications 2012 Finalizer
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}" = Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS
"{7259BDDA-D888-309D-ADE1-84AA0CB24FE9}" = Microsoft Visual Studio Tools for Applications 2012 x86 托管支持 - 简体中文语言包
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74d0e5db-b326-4dae-a6b2-445b9de1836e}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{859C7535-6862-3867-B97E-816795E8AB65}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 日本語 Language Pack
"{89ca2a32-2b52-4595-8dfd-6fe4757958d0}" = Microsoft Visual Studio Tools for Applications 2012
"{8AC01A0D-42B6-4A55-AD7A-A545A7AE5364}" = Enclave
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{955E1388-E1F1-320A-A018-24616ED60F95}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 한국어 언어 팩
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026
"{A3EB1DE3-9D3F-34C2-BDE6-5A8A4B98CC37}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN
"{AC76BA86-0804-1033-1959-001824245926}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B24CA139-492E-454A-83AE-C62311729CFA}" = 3DSlash
"{B8FD8F53-7E58-3DE5-A8FC-CB2B5CCF38CE}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026
"{C3C008A7-D4A5-4E19-B0D6-72043D6EFE34}" = LG Mobile Drivers
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CAAC553D-EE02-32D2-9F7E-FBC5C22E4C08}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket
"{CF06B8C4-F6FC-3A4B-ADD0-04A1CAC3DD86}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support
"{D2437C5C-2D8C-40D2-8059-689AD7239FA3}" = Intel(R) C++ Redistributables for Windows* on Intel(R) 64
"{e46eca4f-393b-40df-9f49-076faf788d83}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026
"{EFC97089-04D6-42CE-A707-A343B4A7D2CD}" = Ghost Recon Advanced Warfighter
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 27 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 27 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 27 PPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.50
"AVG Web TuneUp" = AVG Web TuneUp
"Canon iP7200 series On-screen Manual" = Canon iP7200 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"CaptureOne6_is1" = Capture One 6.1
"CloneCD" = CloneCD
"C-TECH AKANTHA ULTIMATE GAMING SOFTWARE" = C-TECH AKANTHA ULTIMATE GAMING SOFTWARE 1.2
"Dark Sector_is1" = Dark Sector
"Dropbox" = Dropbox
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"FastShare.cz_is1" = FastShare.cz verze 2.3.1
"Hi Suite" = HiSuite
"Inkscape" = Inkscape 0.48.2
"Kingston SSD Toolbox" = Kingston SSD Toolbox (F:\Program Files (x86)\Kingston SSD Toolbox)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 11.3.0
"LG Bridge" = LG Bridge
"LG PC Suite" = LG PC Suite
"MediaInfo" = MediaInfo 0.7.4.5
"netfabb_51" = netfabb Basic
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 49.0.2725.47" = Opera Stable 49.0.2725.47
"ProFact 4.0_is1" = ProFact 4.0
"Příjmové a výdajové doklady_is1" = Příjmové a výdajové doklady
"Registrace uživatele zařízení Canon iP7200 series" = Registrace uživatele zařízení Canon iP7200 series
"SecuROM Diagnostic Tool" = SecuROM Diagnostic Tool
"SignCut" = SignCut
"Sniper Skrytý bojovník_is1" = Sniper Skrytý bojovník
"State of War" = State of War
"Totalcmd" = Total Commander (Remove or Repair)
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4003898426-3328390683-1320366113-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.25.1

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.11.2017 4:58:22 | Computer Name = PCMvDDesigns-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 24.11.2017 4:58:22 | Computer Name = PCMvDDesigns-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 24.11.2017 4:58:22 | Computer Name = PCMvDDesigns-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 25.11.2017 5:02:28 | Computer Name = PCMvDDesigns-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro F:\Program Files (x86)\LG Electronics\LG
PC Suite\LGPCSuite.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku
. Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která
je již aktivní. Konfliktní součásti: Součást 1: F:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Součást
2: F:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error - 25.11.2017 8:27:05 | Computer Name = PCMvDDesigns-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 25.11.2017 8:27:05 | Computer Name = PCMvDDesigns-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 25.11.2017 8:27:05 | Computer Name = PCMvDDesigns-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 25.11.2017 11:53:25 | Computer Name = PCMvDDesigns-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 25.11.2017 11:53:25 | Computer Name = PCMvDDesigns-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 25.11.2017 11:53:25 | Computer Name = PCMvDDesigns-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

[ System Events ]
Error - 25.11.2017 11:49:47 | Computer Name = PCMvDDesigns-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535

Error - 25.11.2017 11:49:47 | Computer Name = PCMvDDesigns-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535

Error - 25.11.2017 11:49:47 | Computer Name = PCMvDDesigns-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535

Error - 25.11.2017 11:49:47 | Computer Name = PCMvDDesigns-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535

Error - 25.11.2017 14:43:44 | Computer Name = PCMvDDesigns-PC | Source = PNRPSvc | ID = 102
Description =

Error - 25.11.2017 14:43:44 | Computer Name = PCMvDDesigns-PC | Source = PNRPSvc | ID = 102
Description =

Error - 25.11.2017 14:43:44 | Computer Name = PCMvDDesigns-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535

Error - 25.11.2017 14:43:44 | Computer Name = PCMvDDesigns-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535

Error - 25.11.2017 14:43:44 | Computer Name = PCMvDDesigns-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535

Error - 25.11.2017 14:43:44 | Computer Name = PCMvDDesigns-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535


< End of report >

Marvilian
Visitor
Posts: 13
Registered: 25 Nov 2017 14:48

Re: Mysterious something, probably a virus

#11 Post by Marvilian »

OTL logfile created on: 25.11.2017 23:06:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\PCMvDDesigns\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18837)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,25 Gb Available Physical Memory | 65,61% Memory free
15,99 Gb Paging File | 12,62 Gb Available in Paging File | 78,92% Paging File free
Paging file location(s): f:\pagefile.sys 0 0 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\Windows | %ProgramFiles% = F:\Program Files (x86)
Drive C: | 148,95 Gb Total Space | 5,75 Gb Free Space | 3,86% Space Free | Partition Type: NTFS
Drive E: | 100,00 Mb Total Space | 61,56 Mb Free Space | 61,56% Space Free | Partition Type: NTFS
Drive F: | 111,79 Gb Total Space | 21,35 Gb Free Space | 19,10% Space Free | Partition Type: NTFS

Computer Name: PCMVDDESIGNS-PC | User Name: PCMvDDesigns | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2017.11.25 23:04:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\PCMvDDesigns\Desktop\OTL.exe
PRC - [2017.10.21 05:58:58 | 002,187,336 | ---- | M] () -- F:\Program Files (x86)\AVG Web TuneUp\vprot.exe
PRC - [2017.10.21 05:58:58 | 000,981,576 | ---- | M] () -- F:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
PRC - [2017.10.21 05:58:57 | 001,365,064 | ---- | M] (AVG Secure Search) -- F:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
PRC - [2017.09.27 11:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.10.02 19:53:42 | 001,132,544 | ---- | M] () -- F:\Program Files (x86)\FastShare\FastShare.exe
PRC - [2012.04.03 12:33:00 | 000,940,168 | ---- | M] (CANON INC.) -- F:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
PRC - [2012.04.03 12:27:16 | 001,087,608 | ---- | M] (CANON INC.) -- F:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
PRC - [2012.04.03 12:26:14 | 001,273,448 | ---- | M] (CANON INC.) -- F:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
PRC - [2012.03.28 13:49:10 | 000,140,456 | ---- | M] () -- F:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2017.11.24 09:32:48 | 000,185,344 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\3f8e34ecf6e4b4423102c6776b12752b\UIAutomationTypes.ni.dll
MOD - [2017.11.24 09:32:47 | 000,017,408 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\6b6cbe0411010a1a9978e386925d772f\PresentationFramework-SystemXml.ni.dll
MOD - [2017.11.24 09:26:27 | 000,531,968 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\ff93ced2a4ac784dac2b3e60b8d59586\PresentationFramework.Aero.ni.dll
MOD - [2017.11.24 09:26:23 | 002,031,616 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\1f0588570b81838ccbe73b736d4f0bba\System.Xaml.ni.dll
MOD - [2017.11.24 09:25:57 | 000,811,520 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\5acd49158be6b31ba902600540a2683a\System.Runtime.Remoting.ni.dll
MOD - [2017.11.24 09:25:55 | 000,993,792 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\fd39cc80d745839b391885f6dee39013\System.Configuration.ni.dll
MOD - [2017.11.24 09:25:47 | 013,563,392 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\371a03a90f03340ddd50a25a784c00b6\System.Windows.Forms.ni.dll
MOD - [2017.11.24 09:25:39 | 001,645,568 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78f35bb5674861abfaac13791ed2aa45\System.Drawing.ni.dll
MOD - [2017.11.24 09:25:37 | 019,825,152 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\fee5f11727a19a2cd4f620393558b01d\PresentationFramework.ni.dll
MOD - [2017.11.24 09:25:24 | 012,187,136 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8f60f287a302618931fadffc35cacedd\PresentationCore.ni.dll
MOD - [2017.11.24 09:25:16 | 004,110,336 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ca4e77634d95bc67b8bb5983b62e812c\WindowsBase.ni.dll
MOD - [2017.11.24 09:25:13 | 007,577,088 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d8bf4cfed7f00881cc3dbccb8956b3d6\System.Xml.ni.dll
MOD - [2017.11.24 09:25:07 | 007,684,608 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\1bda562ed7c258d4bb471509de189a1a\System.Core.ni.dll
MOD - [2017.11.24 09:25:00 | 010,336,768 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System\fa56ed44f40dcc8511432234235cf02a\System.ni.dll
MOD - [2017.11.24 09:24:54 | 020,493,312 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\22478b54e1cc995a45aafd8e6482de96\mscorlib.ni.dll
MOD - [2017.10.21 05:58:58 | 002,187,336 | ---- | M] () -- F:\Program Files (x86)\AVG Web TuneUp\vprot.exe
MOD - [2014.10.02 19:53:42 | 001,132,544 | ---- | M] () -- F:\Program Files (x86)\FastShare\FastShare.exe
MOD - [2009.06.23 03:42:42 | 000,043,008 | ---- | M] () -- F:\Program Files (x86)\FastShare\libgcc_s_dw2-1.dll
MOD - [2009.01.10 19:32:40 | 000,011,362 | ---- | M] () -- F:\Program Files (x86)\FastShare\mingwm10.dll


========== Services (SafeList) ==========

SRV:64bit: - [2017.11.23 23:51:16 | 002,648,184 | ---- | M] (ESET) [Auto | Running] -- F:\Program Files\ESET\ESET Security\ekrn.exe -- (ekrn)
SRV:64bit: - [2017.11.13 11:26:48 | 000,051,016 | ---- | M] (Dropbox, Inc.) [Auto | Running] -- F:\Windows\SysNative\DbxSvc.exe -- (DbxSvc)
SRV:64bit: - [2017.10.14 09:01:18 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2017.08.10 09:20:26 | 000,560,552 | ---- | M] (AMD) [Auto | Running] -- F:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2016.08.22 17:19:43 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015.06.18 13:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- F:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV:64bit: - [2014.04.30 15:33:52 | 000,337,776 | ---- | M] (arvato digital services llc) [Auto | Running] -- f:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- F:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2017.11.25 16:47:04 | 000,272,384 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- F:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2017.10.21 05:58:58 | 000,981,576 | ---- | M] () [Auto | Running] -- F:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe -- (WtuSystemSupport)
SRV - [2017.10.21 05:58:57 | 001,365,064 | ---- | M] (AVG Secure Search) [Auto | Running] -- F:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe -- (vToolbarUpdater40.3.8)
SRV - [2017.09.27 11:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2017.07.26 08:58:28 | 000,192,200 | ---- | M] () [Auto | Running] -- F:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -- (HuaweiHiSuiteService64.exe)
SRV - [2017.04.21 13:53:36 | 000,107,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- F:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2016.11.04 23:02:58 | 000,143,144 | ---- | M] (Dropbox, Inc.) [On_Demand | Stopped] -- F:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdatem)
SRV - [2016.11.04 23:02:58 | 000,143,144 | ---- | M] (Dropbox, Inc.) [Auto | Stopped] -- F:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdate)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- F:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012.03.28 13:49:10 | 000,140,456 | ---- | M] () [Auto | Running] -- F:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2017.11.23 23:51:15 | 000,180,088 | ---- | M] (ESET) [Kernel | System | Running] -- F:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2017.11.23 23:51:15 | 000,132,848 | ---- | M] (ESET) [File_System | System | Running] -- F:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2017.11.23 23:51:15 | 000,102,160 | ---- | M] (ESET) [Kernel | System | Running] -- F:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2017.08.10 09:20:28 | 036,574,128 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2017.08.10 09:20:28 | 000,538,536 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2017.07.26 08:58:28 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2017.07.04 09:46:02 | 000,124,288 | ---- | M] () [Kernel | System | Running] -- F:\Windows\SysNative\drivers\wfcre.sys -- (wfcre)
DRV:64bit: - [2017.05.04 12:18:04 | 000,107,344 | ---- | M] (ESET) [Kernel | Boot | Running] -- F:\Windows\SysNative\drivers\edevmon.sys -- (edevmon)
DRV:64bit: - [2017.05.04 12:18:04 | 000,078,192 | ---- | M] (ESET) [Kernel | System | Running] -- F:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2017.05.04 12:18:04 | 000,060,544 | ---- | M] (ESET) [Kernel | System | Running] -- F:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2017.05.04 12:18:04 | 000,050,752 | ---- | M] (ESET) [Kernel | Auto | Running] -- F:\Windows\SysNative\drivers\ekbdflt.sys -- (ekbdflt)
DRV:64bit: - [2016.12.09 13:35:10 | 000,054,888 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\avgTap.sys -- (avgTap)
DRV:64bit: - [2016.10.04 13:11:58 | 000,088,752 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2016.10.04 13:08:38 | 000,118,160 | ---- | M] (Future Technology Devices International Ltd.) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2016.08.31 18:36:04 | 000,030,208 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\lgandnetbus64.sys -- (AndnetBus)
DRV:64bit: - [2016.08.24 17:09:06 | 000,037,376 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2016.08.24 17:08:08 | 000,030,720 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2016.08.16 02:18:34 | 000,159,936 | ---- | M] (MBB) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\usb2ser.sys -- (wdm_usb)
DRV:64bit: - [2016.05.04 15:43:22 | 000,080,936 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\rcusbwdm.sys -- (UsbC)
DRV:64bit: - [2016.05.04 15:43:22 | 000,013,864 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- F:\Windows\SysNative\drivers\hostnt.sys -- (HOSTNT)
DRV:64bit: - [2016.04.01 01:31:20 | 000,104,976 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2015.08.14 16:41:28 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2015.08.12 14:28:06 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015.08.05 17:39:08 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- F:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2013.10.02 03:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.03.06 07:14:45 | 001,528,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\RTWlanU.sys -- (RtlWlanu)
DRV:64bit: - [2012.12.28 10:01:36 | 000,760,032 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- F:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- F:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.16 17:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.11 17:00:00 | 000,031,232 | ---- | M] (www.winchiphead.com) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\CH341W64.SYS -- (CH341_A64)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.02.17 18:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- F:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2005.09.23 21:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- F:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- F:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = F:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs-CZ
IE - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 79 D8 81 71 E0 35 D3 01 [binary data]
IE - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 8F 8C E0 7D C3 FB D2 01 [binary data]
IE - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://mysearch.avg.com/search?cid={73 ... 2016-07-25 20:38:24&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\..\SearchScopes\{D7F84BE0-7366-4A3A-87C4-FA2E936E590C}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_27368
IE - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: F:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: F:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: F:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: F:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: F:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: F:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.151.2: F:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2: F:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: F:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: F:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: F:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: F:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - F:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - F:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - F:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Web TuneUp) - {95B7759C-8C7F-4BF1-B163-73684A933233} - F:\Program Files (x86)\AVG Web TuneUp\4.3.8.566\AVG Web TuneUp.dll (AVG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - F:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - F:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:64bit: - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - F:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - F:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [egui] F:\Program Files\ESET\ESET Security\ecmdS.exe (ESET)
O4:64bit: - HKLM..\Run: [RTHDVCPL] F:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [CanonQuickMenu] F:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CloneCDTray] F:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [DivXMediaServer] F:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [Dropbox] F:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKLM..\Run: [vProt] F:\Program Files (x86)\AVG Web TuneUp\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] F:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] F:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001..\Run: [CCleaner Monitoring] F:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "F:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "F:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - F:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - F:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: eset.com ([help] http in Trusted sites)
O15 - HKLM\..Trusted Domains: eset.com ([help] http in Trusted sites)
O15 - HKU\S-1-5-21-4003898426-3328390683-1320366113-1001\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.101.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5693F706-F714-428B-B5D4-E0ABFF11C8DB}: DhcpNameServer = 192.168.101.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6D92A60-9006-4429-BCA1-29B87D2E8B1C}: DhcpNameServer = 192.168.101.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A986AAA5-46B7-40C9-9E60-09845D60BB44}: DhcpNameServer = 192.168.88.1 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - F:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (F:\Windows\system32\userinit.exe) - F:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - F:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - F:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{19b34c29-40f2-11e5-afea-14cc200426d5}\Shell - "" = AutoRun
O33 - MountPoints2\{19b34c29-40f2-11e5-afea-14cc200426d5}\Shell\AutoRun\command - "" = F:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\rwp.chm
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - F:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.ac3acm - ac3acm.acm (fccHandler)
Drivers32:64bit: msacm.l3acm - l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32:64bit: VIDC.X264 - x264vfw64.dll (x264vfw project)
Drivers32:64bit: VIDC.XVID - xvidvfw.dll ()
Drivers32: msacm.ac3acm - F:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - F:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - F:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - F:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - F:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - F:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.X264 - F:\Windows\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - F:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to F:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2017.11.25 23:04:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- F:\Users\PCMvDDesigns\Desktop\OTL.exe
[2017.11.25 18:52:31 | 000,000,000 | ---D | C] -- F:\Users\PCMvDDesigns\Desktop\Octavia cd2
[2017.11.25 18:47:57 | 000,000,000 | ---D | C] -- F:\Users\PCMvDDesigns\Desktop\zasilka-SL52VD9YVG8UPHKD
[2017.11.25 14:55:53 | 000,000,000 | ---D | C] -- F:\Program Files\trend micro
[2017.11.25 14:55:52 | 000,000,000 | ---D | C] -- F:\rsit
[2017.11.24 09:29:25 | 126,925,120 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\MRT-KB890830.exe
[2017.11.24 09:23:24 | 000,000,000 | -HSD | C] -- F:\Config.Msi
[2017.11.24 09:22:36 | 000,116,224 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\ieetwcollector.exe
[2017.11.24 09:22:36 | 000,091,136 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\inseng.dll
[2017.11.24 09:22:36 | 000,076,288 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\mshtmled.dll
[2017.11.24 09:22:36 | 000,048,640 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\ieetwproxystub.dll
[2017.11.24 09:22:36 | 000,034,304 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\iernonce.dll
[2017.11.24 09:22:36 | 000,030,720 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\iernonce.dll
[2017.11.24 09:22:35 | 000,726,528 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\ie4uinit.exe
[2017.11.24 09:22:35 | 000,130,048 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\occache.dll
[2017.11.24 09:22:35 | 000,107,520 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\inseng.dll
[2017.11.24 09:22:35 | 000,064,000 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\MshtmlDac.dll
[2017.11.24 09:22:34 | 000,077,824 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2017.11.24 09:22:34 | 000,060,416 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2017.11.24 09:22:33 | 002,058,752 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\inetcpl.cpl
[2017.11.24 09:22:33 | 000,710,144 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\ieapfltr.dll
[2017.11.24 09:22:33 | 000,152,064 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\occache.dll
[2017.11.24 09:22:33 | 000,062,464 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\iesetup.dll
[2017.11.24 09:22:32 | 000,662,016 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\jscript.dll
[2017.11.24 09:22:32 | 000,620,032 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\jscript9diag.dll
[2017.11.24 09:22:32 | 000,004,096 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\ieetwcollectorres.dll
[2017.11.24 09:22:31 | 000,968,704 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\MsSpellCheckingFacility.exe
[2017.11.24 09:22:31 | 000,807,936 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\msfeeds.dll
[2017.11.24 09:22:31 | 000,476,160 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\ieui.dll
[2017.11.24 09:22:31 | 000,315,392 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\dxtrans.dll
[2017.11.24 09:22:31 | 000,115,712 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\ieUnatt.exe
[2017.11.24 09:22:31 | 000,073,216 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\tdc.ocx
[2017.11.24 09:22:30 | 002,134,528 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\inetcpl.cpl
[2017.11.24 09:22:30 | 000,800,768 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\ieapfltr.dll
[2017.11.24 09:22:30 | 000,066,560 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\iesetup.dll
[2017.11.24 09:22:29 | 001,155,072 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\mshtmlmedia.dll
[2017.11.24 09:22:29 | 000,576,512 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\vbscript.dll
[2017.11.24 09:22:28 | 000,341,504 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\html.iec
[2017.11.24 09:22:28 | 000,168,960 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\msrating.dll
[2017.11.24 09:22:28 | 000,144,384 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\ieUnatt.exe
[2017.11.24 09:22:28 | 000,087,552 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\tdc.ocx
[2017.11.24 09:22:27 | 000,615,936 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\ieui.dll
[2017.11.24 09:22:27 | 000,489,984 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\dxtmsft.dll
[2017.11.24 09:22:26 | 001,359,360 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\mshtmlmedia.dll
[2017.11.24 09:22:26 | 000,092,160 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\mshtmled.dll
[2017.11.24 09:22:25 | 005,979,648 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\jscript9.dll
[2017.11.24 09:22:25 | 000,816,640 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\jscript.dll
[2017.11.24 09:22:25 | 000,814,080 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\jscript9diag.dll
[2017.11.24 09:22:24 | 000,417,792 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\html.iec
[2017.11.24 09:22:23 | 000,199,680 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\msrating.dll
[2017.11.24 09:22:23 | 000,088,064 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\MshtmlDac.dll
[2017.11.24 09:22:21 | 005,547,752 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\ntoskrnl.exe
[2017.11.24 09:22:20 | 004,001,512 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\ntkrnlpa.exe
[2017.11.24 09:22:20 | 003,945,704 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\ntoskrnl.exe
[2017.11.24 09:22:19 | 001,732,864 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\ntdll.dll
[2017.11.24 09:22:19 | 001,460,736 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\lsasrv.dll
[2017.11.24 09:22:19 | 001,212,928 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\rpcrt4.dll
[2017.11.24 09:22:18 | 014,635,008 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\wmp.dll
[2017.11.24 09:22:18 | 002,319,872 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\tquery.dll
[2017.11.24 09:22:18 | 000,339,968 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\msexcl40.dll
[2017.11.24 09:22:17 | 011,410,944 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\wmp.dll
[2017.11.24 09:22:17 | 002,222,080 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\mssrch.dll
[2017.11.24 09:22:17 | 002,058,240 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\Query.dll
[2017.11.24 09:22:17 | 001,163,264 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\kernel32.dll
[2017.11.24 09:22:17 | 001,068,544 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\msctf.dll
[2017.11.24 09:22:17 | 000,880,640 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\advapi32.dll
[2017.11.24 09:22:17 | 000,706,792 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\winload.efi
[2017.11.24 09:22:17 | 000,631,176 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\winresume.efi
[2017.11.24 09:22:16 | 001,549,824 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\tquery.dll
[2017.11.24 09:22:16 | 000,995,272 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\ucrtbase.dll
[2017.11.24 09:22:16 | 000,922,432 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\ucrtbase.dll
[2017.11.24 09:22:16 | 000,640,512 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\mswstr10.dll
[2017.11.24 09:22:16 | 000,448,512 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\wlansec.dll
[2017.11.24 09:22:16 | 000,419,840 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\KernelBase.dll
[2017.11.24 09:22:16 | 000,008,704 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\msjint40.dll
[2017.11.24 09:22:15 | 002,851,328 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\themeui.dll
[2017.11.24 09:22:15 | 002,755,072 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\themeui.dll
[2017.11.24 09:22:15 | 001,400,320 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\mssrch.dll
[2017.11.24 09:22:15 | 000,503,808 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\srcore.dll
[2017.11.24 09:22:15 | 000,463,872 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\certcli.dll
[2017.11.24 09:22:15 | 000,405,504 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\gdi32.dll
[2017.11.24 09:22:15 | 000,392,704 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\wlansec.dll
[2017.11.24 09:22:15 | 000,362,496 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\wow64win.dll
[2017.11.24 09:22:15 | 000,342,528 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\certcli.dll
[2017.11.24 09:22:15 | 000,338,432 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\conhost.exe
[2017.11.24 09:22:15 | 000,312,320 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\ncrypt.dll
[2017.11.24 09:22:15 | 000,190,464 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\rpchttp.dll
[2017.11.24 09:22:15 | 000,148,480 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\appidpolicyconverter.exe
[2017.11.24 09:22:15 | 000,047,616 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\ieetwproxystub.dll
[2017.11.24 09:22:14 | 000,778,240 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\mssvp.dll
[2017.11.24 09:22:14 | 000,690,688 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\adtschema.dll
[2017.11.24 09:22:14 | 000,690,688 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\adtschema.dll
[2017.11.24 09:22:14 | 000,491,520 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\mssph.dll
[2017.11.24 09:22:14 | 000,428,032 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\wlanmsm.dll
[2017.11.24 09:22:14 | 000,414,208 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\wlanmsm.dll
[2017.11.24 09:22:14 | 000,337,408 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\mssph.dll
[2017.11.24 09:22:14 | 000,288,256 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\mssphtb.dll
[2017.11.24 09:22:14 | 000,249,856 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\SearchProtocolHost.exe
[2017.11.24 09:22:14 | 000,243,712 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\wow64.dll
[2017.11.24 09:22:14 | 000,215,552 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\winsrv.dll
[2017.11.24 09:22:14 | 000,151,552 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\t2embed.dll
[2017.11.24 09:22:14 | 000,141,312 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\rpchttp.dll
[2017.11.24 09:22:14 | 000,123,904 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\bcrypt.dll
[2017.11.24 09:22:14 | 000,118,784 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\wlanhlp.dll
[2017.11.24 09:22:14 | 000,111,104 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\t2embed.dll
[2017.11.24 09:22:14 | 000,059,904 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\appidapi.dll
[2017.11.24 09:22:13 | 000,382,696 | ---- | C] (Adobe Systems Incorporated) -- F:\Windows\SysNative\atmfd.dll
[2017.11.24 09:22:13 | 000,308,456 | ---- | C] (Adobe Systems Incorporated) -- F:\Windows\SysWow64\atmfd.dll
[2017.11.24 09:22:13 | 000,113,664 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\wlanapi.dll
[2017.11.24 09:22:13 | 000,113,664 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\SearchFilterHost.exe
[2017.11.24 09:22:13 | 000,112,640 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\smss.exe
[2017.11.24 09:22:13 | 000,083,968 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\wlanhlp.dll
[2017.11.24 09:22:13 | 000,080,896 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\wlanapi.dll
[2017.11.24 09:22:13 | 000,066,400 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2017.11.24 09:22:13 | 000,063,840 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2017.11.24 09:22:13 | 000,050,688 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\appidapi.dll
[2017.11.24 09:22:13 | 000,044,032 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\csrsrv.dll
[2017.11.24 09:22:13 | 000,022,368 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2017.11.24 09:22:13 | 000,020,832 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2017.11.24 09:22:13 | 000,019,808 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2017.11.24 09:22:13 | 000,019,808 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2017.11.24 09:22:13 | 000,017,760 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2017.11.24 09:22:13 | 000,017,760 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2017.11.24 09:22:13 | 000,017,760 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2017.11.24 09:22:13 | 000,017,760 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2017.11.24 09:22:13 | 000,016,224 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2017.11.24 09:22:13 | 000,016,224 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2017.11.24 09:22:13 | 000,015,712 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2017.11.24 09:22:13 | 000,014,176 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2017.11.24 09:22:13 | 000,014,176 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-localization-l1-2-0.dll
[2017.11.24 09:22:13 | 000,014,176 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-localization-l1-2-0.dll
[2017.11.24 09:22:13 | 000,013,664 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2017.11.24 09:22:13 | 000,012,640 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2017.11.24 09:22:13 | 000,012,640 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2017.11.24 09:22:13 | 000,012,640 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2017.11.24 09:22:13 | 000,012,128 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2017.11.24 09:22:13 | 000,012,128 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2017.11.24 09:22:13 | 000,012,128 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2017.11.24 09:22:13 | 000,012,128 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2017.11.24 09:22:13 | 000,012,128 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2017.11.24 09:22:13 | 000,012,128 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2017.11.24 09:22:13 | 000,012,128 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-synch-l1-2-0.dll
[2017.11.24 09:22:13 | 000,012,128 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-synch-l1-2-0.dll
[2017.11.24 09:22:13 | 000,012,128 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-1.dll
[2017.11.24 09:22:13 | 000,011,616 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-xstate-l2-1-0.dll
[2017.11.24 09:22:13 | 000,011,616 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-xstate-l2-1-0.dll
[2017.11.24 09:22:13 | 000,011,616 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-timezone-l1-1-0.dll
[2017.11.24 09:22:13 | 000,011,616 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-file-l2-1-0.dll
[2017.11.24 09:22:13 | 000,011,616 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-file-l1-2-0.dll
[2017.11.24 09:22:13 | 000,011,616 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-file-l1-2-0.dll
[2017.11.24 09:22:12 | 000,666,624 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\mssvp.dll
[2017.11.24 09:22:12 | 000,296,960 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\rstrui.exe
[2017.11.24 09:22:12 | 000,146,432 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\msaudite.dll
[2017.11.24 09:22:12 | 000,146,432 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\msaudite.dll
[2017.11.24 09:22:12 | 000,135,680 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\sspicli.dll
[2017.11.24 09:22:12 | 000,075,264 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\msscntrs.dll
[2017.11.24 09:22:12 | 000,064,000 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\auditpol.exe
[2017.11.24 09:22:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\msscntrs.dll
[2017.11.24 09:22:12 | 000,050,176 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\auditpol.exe
[2017.11.24 09:22:12 | 000,043,520 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\cryptbase.dll
[2017.11.24 09:22:12 | 000,028,160 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\secur32.dll
[2017.11.24 09:22:12 | 000,017,920 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\appidcertstorecheck.exe
[2017.11.24 09:22:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\ntvdm64.dll
[2017.11.24 09:22:12 | 000,015,712 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2017.11.24 09:22:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\ntvdm64.dll
[2017.11.24 09:22:12 | 000,014,176 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2017.11.24 09:22:12 | 000,013,664 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2017.11.24 09:22:12 | 000,012,640 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2017.11.24 09:22:12 | 000,012,640 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2017.11.24 09:22:12 | 000,012,640 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2017.11.24 09:22:12 | 000,012,128 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-1.dll
[2017.11.24 09:22:12 | 000,011,616 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-timezone-l1-1-0.dll
[2017.11.24 09:22:12 | 000,011,616 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-file-l2-1-0.dll
[2017.11.24 09:22:11 | 000,115,200 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\mssitlb.dll
[2017.11.24 09:22:11 | 000,104,448 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\mssitlb.dll
[2017.11.24 09:22:11 | 000,099,840 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\mssprxy.dll
[2017.11.24 09:22:11 | 000,070,656 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\fontsub.dll
[2017.11.24 09:22:11 | 000,063,488 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\setbcdlocale.dll
[2017.11.24 09:22:11 | 000,050,176 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\srclient.dll
[2017.11.24 09:22:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\sspisrv.dll
[2017.11.24 09:22:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\setup16.exe
[2017.11.24 09:22:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\msshooks.dll
[2017.11.24 09:22:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\wow64cpu.dll
[2017.11.24 09:22:11 | 000,009,728 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\msshooks.dll
[2017.11.24 09:22:11 | 000,007,680 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\instnm.exe
[2017.11.24 09:22:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\wow32.dll
[2017.11.24 09:22:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2017.11.24 09:22:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2017.11.24 09:22:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2017.11.24 09:22:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2017.11.24 09:22:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2017.11.24 09:22:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2017.11.24 09:22:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2017.11.24 09:22:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2017.11.24 09:22:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2017.11.24 09:22:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2017.11.24 09:22:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2017.11.24 09:22:10 | 012,574,208 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\wmploc.DLL
[2017.11.24 09:22:10 | 000,327,168 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\drivers\usbport.sys
[2017.11.24 09:22:10 | 000,100,864 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\fontsub.dll
[2017.11.24 09:22:10 | 000,060,416 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\msobjs.dll
[2017.11.24 09:22:10 | 000,060,416 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\msobjs.dll
[2017.11.24 09:22:10 | 000,046,080 | ---- | C] (Adobe Systems) -- F:\Windows\SysNative\atmlib.dll
[2017.11.24 09:22:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\lpk.dll
[2017.11.24 09:22:10 | 000,034,304 | ---- | C] (Adobe Systems) -- F:\Windows\SysWow64\atmlib.dll
[2017.11.24 09:22:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\dciman32.dll
[2017.11.24 09:22:10 | 000,009,728 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\spwmp.dll
[2017.11.24 09:22:10 | 000,008,192 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\spwmp.dll
[2017.11.24 09:22:10 | 000,007,808 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\drivers\usbd.sys
[2017.11.24 09:22:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\apisetschema.dll
[2017.11.24 09:22:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\apisetschema.dll
[2017.11.24 09:22:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2017.11.24 09:22:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2017.11.24 09:22:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2017.11.24 09:22:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2017.11.24 09:22:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\msdxm.ocx
[2017.11.24 09:22:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\dxmasf.dll
[2017.11.24 09:22:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2017.11.24 09:22:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2017.11.24 09:22:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2017.11.24 09:22:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\msdxm.ocx
[2017.11.24 09:22:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\dxmasf.dll
[2017.11.24 09:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2017.11.24 09:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2017.11.24 09:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2017.11.24 09:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2017.11.24 09:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2017.11.24 09:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2017.11.24 09:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2017.11.24 09:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2017.11.24 09:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2017.11.24 09:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2017.11.24 09:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2017.11.24 09:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2017.11.24 09:22:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysWow64\user.exe
[2017.11.24 09:22:09 | 012,574,720 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\wmploc.DLL
[2017.11.24 09:18:38 | 002,023,936 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\aitstatic.exe
[2017.11.24 09:18:38 | 000,670,208 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\generaltel.dll
[2017.11.24 09:18:38 | 000,603,648 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\devinv.dll
[2017.11.24 09:18:38 | 000,407,392 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\centel.dll
[2017.11.24 09:18:38 | 000,370,688 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\invagent.dll
[2017.11.24 09:18:38 | 000,241,664 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\aepic.dll
[2017.11.24 09:18:38 | 000,134,376 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\CompatTelRunner.exe
[2017.11.24 09:18:37 | 001,570,304 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\appraiser.dll
[2017.11.24 09:18:37 | 000,605,184 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\aeinv.dll
[2017.11.24 09:18:37 | 000,181,760 | ---- | C] (Microsoft Corporation) -- F:\Windows\SysNative\acmigration.dll
[2017.11.16 01:21:55 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
[2017.11.15 11:42:59 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
[2017.11.15 11:42:59 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\SlySoft
[2017.11.13 11:26:48 | 000,051,016 | ---- | C] (Dropbox, Inc.) -- F:\Windows\SysNative\DbxSvc.exe
[2017.11.13 11:26:48 | 000,045,672 | ---- | C] (Dropbox, Inc.) -- F:\Windows\SysNative\drivers\dbx-dev.sys
[2017.11.13 11:26:48 | 000,045,640 | ---- | C] (Dropbox, Inc.) -- F:\Windows\SysNative\drivers\dbx-stable.sys
[2017.11.13 11:26:48 | 000,045,640 | ---- | C] (Dropbox, Inc.) -- F:\Windows\SysNative\drivers\dbx-canary.sys

========== Files - Modified Within 30 Days ==========

[2017.11.25 23:07:35 | 000,000,512 | ---- | M] () -- F:\PhysicalMBR.bin
[2017.11.25 23:04:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\PCMvDDesigns\Desktop\OTL.exe
[2017.11.25 22:19:39 | 000,000,920 | ---- | M] () -- F:\Windows\tasks\DropboxUpdateTaskMachineUA.job
[2017.11.25 18:32:29 | 126,528,985 | ---- | M] () -- F:\Users\PCMvDDesigns\Desktop\zasilka-SL52VD9YVG8UPHKD.zip
[2017.11.25 17:29:38 | 000,014,224 | -H-- | M] () -- F:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.11.25 17:29:38 | 000,014,224 | -H-- | M] () -- F:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.11.25 16:53:28 | 003,596,192 | ---- | M] () -- F:\Windows\SysNative\perfh005.dat
[2017.11.25 16:53:28 | 001,659,984 | ---- | M] () -- F:\Windows\SysNative\perfh009.dat
[2017.11.25 16:53:28 | 001,129,718 | ---- | M] () -- F:\Windows\SysNative\perfc005.dat
[2017.11.25 16:53:28 | 001,082,352 | ---- | M] () -- F:\Windows\SysNative\perfc009.dat
[2017.11.25 16:53:28 | 000,006,208 | ---- | M] () -- F:\Windows\SysNative\PerfStringBackup.INI
[2017.11.25 16:51:31 | 000,000,000 | ---- | M] () -- F:\Users\PCMvDDesigns\.ktcssd
[2017.11.25 16:49:37 | 000,000,916 | ---- | M] () -- F:\Windows\tasks\DropboxUpdateTaskMachineCore.job
[2017.11.25 16:49:05 | 000,067,584 | --S- | M] () -- F:\Windows\bootstat.dat
[2017.11.25 16:48:34 | 000,065,536 | ---- | M] () -- F:\Windows\SysNative\spu_storage.bin
[2017.11.25 16:47:03 | 000,803,328 | ---- | M] (Adobe Systems Incorporated) -- F:\Windows\SysWow64\FlashPlayerApp.exe
[2017.11.25 16:47:03 | 000,144,896 | ---- | M] (Adobe Systems Incorporated) -- F:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2017.11.25 14:55:34 | 001,222,144 | ---- | M] () -- F:\Users\PCMvDDesigns\Desktop\RSITx64.exe
[2017.11.24 09:54:03 | 000,809,008 | ---- | M] () -- F:\Windows\SysNative\FNTCACHE.DAT
[2017.11.24 09:29:26 | 126,925,120 | ---- | M] (Microsoft Corporation) -- F:\Windows\SysNative\MRT-KB890830.exe
[2017.11.23 23:51:15 | 000,180,088 | ---- | M] (ESET) -- F:\Windows\SysNative\drivers\ehdrv.sys
[2017.11.23 23:51:15 | 000,132,848 | ---- | M] (ESET) -- F:\Windows\SysNative\drivers\eamonm.sys
[2017.11.23 23:51:15 | 000,102,160 | ---- | M] (ESET) -- F:\Windows\SysNative\drivers\epfwwfp.sys
[2017.11.23 19:47:01 | 000,000,360 | ---- | M] () -- F:\Windows\tasks\HPCeeScheduleForPCMvDDesigns.job
[2017.11.16 18:08:10 | 000,000,976 | ---- | M] () -- F:\Users\PCMvDDesigns\printrunconf.ini~bak
[2017.11.16 18:08:10 | 000,000,976 | ---- | M] () -- F:\Users\PCMvDDesigns\printrunconf.ini
[2017.11.15 11:43:21 | 000,000,041 | -HS- | M] () -- F:\ProgramData\.zreglib
[2017.11.15 11:43:03 | 000,001,128 | ---- | M] () -- F:\Users\Public\Desktop\CloneCD.lnk
[2017.11.13 11:26:48 | 000,051,016 | ---- | M] (Dropbox, Inc.) -- F:\Windows\SysNative\DbxSvc.exe
[2017.11.13 11:26:48 | 000,045,672 | ---- | M] (Dropbox, Inc.) -- F:\Windows\SysNative\drivers\dbx-dev.sys
[2017.11.13 11:26:48 | 000,045,640 | ---- | M] (Dropbox, Inc.) -- F:\Windows\SysNative\drivers\dbx-stable.sys
[2017.11.13 11:26:48 | 000,045,640 | ---- | M] (Dropbox, Inc.) -- F:\Windows\SysNative\drivers\dbx-canary.sys
[2017.10.27 08:43:44 | 000,097,856 | ---- | M] (Oracle Corporation) -- F:\Windows\SysWow64\WindowsAccessBridge-32.dll

========== Files Created - No Company Name ==========

[2017.11.25 23:07:35 | 000,000,512 | ---- | C] () -- F:\PhysicalMBR.bin
[2017.11.25 18:30:05 | 126,528,985 | ---- | C] () -- F:\Users\PCMvDDesigns\Desktop\zasilka-SL52VD9YVG8UPHKD.zip
[2017.11.25 14:55:33 | 001,222,144 | ---- | C] () -- F:\Users\PCMvDDesigns\Desktop\RSITx64.exe
[2017.11.15 11:43:21 | 000,000,041 | -HS- | C] () -- F:\ProgramData\.zreglib
[2017.11.15 11:43:03 | 000,001,128 | ---- | C] () -- F:\Users\Public\Desktop\CloneCD.lnk
[2017.09.16 16:34:00 | 000,010,240 | ---- | C] () -- F:\Windows\SysWow64\vidx16.dll
[2017.08.10 11:47:49 | 000,518,144 | ---- | C] () -- F:\Windows\SysWow64\msjetoledb40.dll
[2017.08.10 09:20:44 | 000,374,184 | ---- | C] () -- F:\Windows\SysWow64\GameManager32.dll
[2017.08.10 09:20:24 | 000,342,952 | ---- | C] () -- F:\Windows\SysWow64\atieah32.exe
[2017.08.10 09:19:40 | 000,369,064 | ---- | C] () -- F:\Windows\SysWow64\amdgfxinfo32.dll
[2017.08.06 14:12:33 | 000,007,626 | ---- | C] () -- F:\Users\PCMvDDesigns\AppData\Local\Resmon.ResmonCfg
[2017.08.04 18:06:00 | 000,000,085 | ---- | C] () -- F:\Windows\wininit.ini
[2017.07.11 19:56:02 | 000,000,000 | -H-- | C] () -- F:\ProgramData\DP45977C.lfl
[2017.07.11 18:55:51 | 000,049,152 | ---- | C] () -- F:\Windows\SysWow64\LGErrorHandler.dll
[2017.06.01 18:49:01 | 000,005,212 | RHS- | C] () -- F:\ProgramData\ntuser.pol
[2017.04.02 11:52:29 | 000,053,248 | ---- | C] () -- F:\Windows\SysWow64\CommonDL.dll
[2017.04.02 11:52:29 | 000,002,760 | ---- | C] () -- F:\Windows\SysWow64\lgAxconfig.ini
[2016.10.20 22:35:38 | 009,539,581 | ---- | C] () -- F:\Windows\SysWow64\CDSM_CDSM Designer_uninstaller.exe
[2016.06.09 14:53:20 | 000,248,998 | ---- | C] () -- F:\Windows\hpwins25.dat.temp
[2016.06.09 14:53:20 | 000,000,530 | ---- | C] () -- F:\Windows\hpwmdl25.dat.temp
[2016.02.04 19:54:12 | 000,000,976 | ---- | C] () -- F:\Users\PCMvDDesigns\printrunconf.ini~bak
[2016.02.04 19:52:01 | 000,000,976 | ---- | C] () -- F:\Users\PCMvDDesigns\printrunconf.ini
[2015.08.12 13:56:15 | 000,000,000 | ---- | C] () -- F:\Users\PCMvDDesigns\.ktcssd
[2015.08.12 13:56:12 | 000,002,637 | ---- | C] () -- F:\ProgramData\regid.2014-05.com.kingston,KDI_de542a20-1f17-11b2-8fa3-9b5486234594.swidtag

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- F:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = F:\Windows\SysNative\shell32.dll -- [2017.08.15 16:29:44 | 014,182,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2017.08.15 16:10:54 | 012,880,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = F:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = F:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.08.30 16:46:01 | 000,000,000 | ---D | M] -- F:\Users\Default\AppData\Roaming\TuneUp Software
[2015.08.30 16:46:01 | 000,000,000 | ---D | M] -- F:\Users\Default User\AppData\Roaming\TuneUp Software
[2015.08.19 12:42:43 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\AMD
[2017.07.25 20:15:02 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Autodesk
[2017.08.06 16:42:20 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\AVG
[2016.02.07 01:01:45 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Blender Foundation
[2015.09.11 00:41:43 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Canneverbe Limited
[2015.10.12 16:43:26 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Canon
[2017.08.16 09:33:44 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\DAEMON Tools Lite
[2015.11.17 14:00:06 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Dropbox
[2017.08.28 15:10:33 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\ESET
[2017.06.14 14:59:05 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\FileZilla
[2017.09.03 18:03:32 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\GHISLER
[2017.06.14 14:59:05 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\inkscape
[2017.10.12 19:48:03 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\LG Electronics
[2016.02.10 04:46:46 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\netfabb
[2015.08.12 14:33:35 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Opera
[2017.06.19 19:35:59 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Opera Software
[2017.11.23 15:01:49 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\signcut
[2017.09.18 19:28:45 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\TeamViewer
[2017.09.11 17:19:18 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\uTorrent
[2016.09.29 09:01:42 | 000,000,000 | ---D | M] -- F:\Users\Petra\AppData\Roaming\AVG
[2016.11.07 08:38:25 | 000,000,000 | ---D | M] -- F:\Users\Petra\AppData\Roaming\Canon
[2016.11.07 08:42:47 | 000,000,000 | ---D | M] -- F:\Users\Petra\AppData\Roaming\Seznam.cz
[2015.08.30 16:46:01 | 000,000,000 | ---D | M] -- F:\Users\Petra\AppData\Roaming\TuneUp Software

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- F:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,574 | ---- | C] () -- F:\Windows\Tasks\SCHEDLGU.TXT
[2015.11.17 13:57:01 | 000,000,916 | ---- | C] () -- F:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
[2015.11.17 13:57:01 | 000,000,920 | ---- | C] () -- F:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
[2016.11.11 12:28:22 | 000,000,360 | ---- | C] () -- F:\Windows\Tasks\HPCeeScheduleForPCMvDDesigns.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- F:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- F:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- F:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- F:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- F:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- F:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- F:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- F:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- F:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- F:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- F:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- F:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- F:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- F:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- F:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- F:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- F:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- F:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2016.08.29 16:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- F:\Windows\explorer.exe
[2016.08.29 16:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- F:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_b0517adca98752cc\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- F:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2016.08.29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- F:\Windows\SysWOW64\explorer.exe
[2016.08.29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- F:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_baa6252edde814c7\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- F:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- F:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- F:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- F:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- F:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- F:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- F:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- F:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- F:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- F:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- F:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- F:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015.04.11 05:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- F:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015.04.13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- F:\Windows\SysNative\services.exe
[2015.04.13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- F:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- F:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- F:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- F:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- F:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- F:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2015.12.29 18:03:28 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- F:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- F:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2015.12.29 18:03:27 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- F:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2017.05.30 05:56:22 | 001,895,656 | ---- | M] (Microsoft Corporation) MD5=7FB36A0A036ADDACE0A868E4A43C1C27 -- F:\Windows\SysNative\drivers\tcpip.sys
[2017.05.30 05:56:22 | 001,895,656 | ---- | M] (Microsoft Corporation) MD5=7FB36A0A036ADDACE0A868E4A43C1C27 -- F:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23821_none_11bfb9fe962e687d\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- F:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2016.07.07 16:36:20 | 001,896,168 | ---- | M] (Microsoft Corporation) MD5=B2875D7ABB82867DC3AA03D991940201 -- F:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23496_none_117904649662b62b\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- F:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- F:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- F:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- F:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- F:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- F:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- F:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- F:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- F:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- F:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- F:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- F:\Windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- F:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- F:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

< >

< %systemroot%*.* /U /s >
[6 F:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> F:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 F:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> F:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[84 F:\Windows\Installer\*.tmp files -> F:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2015.08.13 12:12:07 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Adobe
[2015.08.19 12:42:43 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\AMD
[2017.07.25 20:15:02 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Autodesk
[2017.08.06 16:42:20 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\AVG
[2016.02.07 01:01:45 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Blender Foundation
[2015.09.11 00:41:43 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Canneverbe Limited
[2015.10.12 16:43:26 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Canon
[2015.08.13 11:18:18 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Corel
[2017.08.16 09:33:44 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\DAEMON Tools Lite
[2017.07.17 21:11:49 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\DivX
[2015.11.17 14:00:06 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Dropbox
[2017.08.28 15:10:33 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\ESET
[2017.06.14 14:59:05 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\FileZilla
[2017.09.03 18:03:32 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\GHISLER
[2016.06.09 11:36:17 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Hewlett-Packard
[2016.06.09 14:23:54 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\HP
[2016.11.14 09:19:44 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\HpUpdate
[2017.06.14 14:59:05 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\inkscape
[2017.10.12 19:48:03 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\LG Electronics
[2015.08.12 13:31:36 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Macromedia
[2017.08.28 14:56:40 | 000,000,000 | --SD | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Microsoft
[2016.02.10 04:46:46 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\netfabb
[2015.08.12 14:33:35 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Opera
[2017.06.19 19:35:59 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Opera Software
[2017.11.23 15:01:49 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\signcut
[2017.10.17 20:59:03 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\Sun
[2017.09.18 19:28:45 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\TeamViewer
[2017.09.11 17:19:18 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\uTorrent
[2015.08.14 17:03:20 | 000,000,000 | ---D | M] -- F:\Users\PCMvDDesigns\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2016.02.09 22:53:19 | 015,369,544 | R--- | M] (Autodesk, Inc.) -- F:\Users\PCMvDDesigns\AppData\Roaming\Microsoft\Installer\{413A0A2B-D154-4457-833F-3299DB3183FF}\PhotoSceneEditor.exe
[2015.04.25 19:30:00 | 000,294,312 | ---- | M] (emc) -- F:\Users\PCMvDDesigns\AppData\Roaming\uTorrent\uninstall.exe
[2015.02.22 20:30:00 | 000,416,168 | ---- | M] (BitTorrent, Inc.) -- F:\Users\PCMvDDesigns\AppData\Roaming\uTorrent\utorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2017.11.25 16:49:37 | 000,000,916 | ---- | M] () -- F:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
[2017.11.25 23:19:38 | 000,000,920 | ---- | M] () -- F:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
[2017.11.23 19:47:01 | 000,000,360 | ---- | M] () -- F:\Windows\Tasks\HPCeeScheduleForPCMvDDesigns.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2017.11.25 16:47:03 | 000,803,328 | ---- | M] (Adobe Systems Incorporated) -- F:\Windows\system32\FlashPlayerApp.exe
[2017.11.25 16:47:03 | 000,144,896 | ---- | M] (Adobe Systems Incorporated) -- F:\Windows\system32\FlashPlayerCPLApp.cpl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CCleaner Monitoring" = "F:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2017.06.09 18:26:02 | 009,807,064 | ---- | M] (Piriform Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2017.10.18 07:45:47 | 000,815,304 | ---- | M] (Microsoft Corporation) MD5=49988E109823C2580E26E484D8FEA550 -- F:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.08.28 16:28:36 | 000,874,896 | ---- | M] (Opera Software) MD5=E9B8F06429A1727D9FD9D4CE023EDCEB -- F:\Program Files (x86)\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2017.11.25 23:07:35 | 000,000,512 | ---- | M] () MD5=D846D3184C5E1A68B29764D0BFE741FE -- F:\PhysicalMBR.bin

Marvilian
Visitor
Posts: 13
Registered: 25 Nov 2017 14:48

Re: Mysterious something, probably a virus

#12 Post by Marvilian »

< >

< *crack* /s >
[2010.05.29 21:41:56 | 000,114,899 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\f2py\crackfortran.py
[2014.03.14 22:05:22 | 000,092,827 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X7\Custom Data\Bumpmap\Cracks.cpt
[2014.03.14 22:05:22 | 000,017,870 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X7\Custom Data\Canvas\cracks2c.bmp
[2016.12.08 12:20:55 | 000,000,445 | ---- | M] () -- \Users\PCMvDDesigns\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fcrackhackware.eu%2Fdist%2Fimg%2Ffavicon.png
[2016.02.18 02:27:13 | 000,000,600 | ---- | M] () -- \Users\PCMvDDesigns\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fcrackserialpro.com%2Fwp-content%2Fuploads%2F2014%2F11%2Ffavicon-1.png
[2015.08.30 19:13:00 | 000,000,572 | ---- | M] () -- \Users\PCMvDDesigns\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.get-cracked.com%2Fdownload%2Fbackend%2Fimg%2Ffavicon.png
[2015.08.30 18:59:20 | 000,000,200 | ---- | M] () -- \Users\PCMvDDesigns\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.get-cracked.com%2Fwp-content%2Fuploads%2F2014%2F01%2Flogo-favicon.png
[2017.08.08 19:49:35 | 680,525,824 | ---- | M] () -- \Users\PCMvDDesigns\Desktop\reset hesla win\ophcrack-vista-livecd-3.6.0.iso
[2017.04.10 09:09:10 | 176,317,831 | ---- | M] () -- \Users\PCMvDDesigns\Downloads\Capture.One.Pro.10.full.crack.pefelie.org.rar

< *keygen* /s >
[2017.08.21 00:09:50 | 000,046,592 | ---- | M] () -- \Users\PCMvDDesigns\Desktop\Dokumenty a jiné\prilohy_13414\keygen.exe

< *loader* /s >
[2017.03.22 07:15:22 | 000,004,522 | ---- | M] () -- \MVD Designs\Wordpress\Šablony\accesspress-lite.2.50\accesspress-lite\css\images\bx_loader.gif
[2017.03.22 07:15:22 | 000,000,997 | ---- | M] () -- \MVD Designs\Wordpress\Šablony\accesspress-lite.2.50\accesspress-lite\inc\admin-panel\js\media-uploader.js
[2016.10.11 16:43:16 | 000,001,819 | ---- | M] () -- \MVD Designs\Wordpress\Šablony\illdy.1.0.35\illdy\inc\admin\welcome-screen\img\ajax-loader.gif
[2016.05.23 17:54:28 | 000,005,492 | ---- | M] () -- \MVD Designs\Wordpress\Wordpres česky\wordpress\wp-includes\class-wp-metadata-lazyloader.php
[2017.01.05 07:18:38 | 000,065,506 | ---- | M] () -- \MVD Designs\Wordpress\Wordpres česky\wordpress\wp-includes\script-loader.php
[2016.10.07 20:03:32 | 000,002,896 | ---- | M] () -- \MVD Designs\Wordpress\Wordpres česky\wordpress\wp-includes\template-loader.php
[2014.10.28 21:02:22 | 000,003,542 | ---- | M] () -- \MVD Designs\Wordpress\Wordpres česky\wordpress\wp-includes\images\uploader-icons-2x.png
[2014.02.13 07:03:14 | 000,001,556 | ---- | M] () -- \MVD Designs\Wordpress\Wordpres česky\wordpress\wp-includes\images\uploader-icons.png
[2016.10.18 19:05:32 | 000,007,575 | ---- | M] () -- \MVD Designs\Wordpress\Wordpres česky\wordpress\wp-includes\js\customize-loader.js
[2016.11.03 04:40:34 | 000,003,461 | ---- | M] () -- \MVD Designs\Wordpress\Wordpres česky\wordpress\wp-includes\js\customize-loader.min.js
[2016.10.22 23:00:34 | 000,005,050 | ---- | M] () -- \MVD Designs\Wordpress\Wordpres česky\wordpress\wp-includes\js\wp-emoji-loader.js
[2016.11.03 04:40:34 | 000,001,740 | ---- | M] () -- \MVD Designs\Wordpress\Wordpres česky\wordpress\wp-includes\js\wp-emoji-loader.min.js
[2013.12.28 22:53:16 | 000,002,608 | ---- | M] () -- \MVD Designs\Wordpress\Wordpres česky\wordpress\wp-includes\js\tinymce\skins\lightgray\img\loader.gif
[2010.11.21 04:22:22 | 000,013,782 | ---- | M] () -- \Program Files (x86)\Blender Foundation\Blender\2.62\python\lib\unittest\loader.py
[2009.05.23 01:38:52 | 000,061,952 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2009.05.22 20:27:34 | 000,004,608 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2010.03.24 19:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 19:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2017.11.13 11:26:48 | 000,015,320 | ---- | M] () -- \Program Files (x86)\Dropbox\Client\pythoncomloader27.dll
[2017.11.13 11:26:38 | 000,014,800 | ---- | M] () -- \Program Files (x86)\Dropbox\Client\_win32sysloader.pyd
[2017.11.13 11:26:48 | 000,004,328 | ---- | M] () -- \Program Files (x86)\Dropbox\Client\QtQuick\Controls\Private\TableViewItemDelegateLoader.qml
[2017.11.13 11:26:48 | 000,004,864 | ---- | M] () -- \Program Files (x86)\Dropbox\Client\QtQuick\Controls\Private\TreeViewItemDelegateLoader.qml
[2017.07.26 08:58:30 | 000,009,632 | ---- | M] () -- \Program Files (x86)\HiSuite\skin\hisuite\com.tencent.android.qqdownloader.png
[2010.03.06 09:24:56 | 000,003,614 | ---- | M] () -- \Program Files (x86)\Inkscape\etc\gtk-2.0\gdk-pixbuf.loaders
[2010.03.06 09:24:56 | 000,030,804 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2010.03.06 09:24:56 | 000,027,898 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2010.03.06 09:24:56 | 000,042,058 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2010.03.06 09:24:56 | 000,023,145 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2010.03.06 09:24:56 | 000,028,692 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2010.03.06 09:24:56 | 000,034,496 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2010.03.06 09:24:56 | 000,022,435 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2010.03.06 09:24:56 | 000,036,528 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2010.03.06 09:24:56 | 000,026,252 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2010.03.06 09:24:56 | 000,020,063 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2010.03.06 09:24:56 | 000,024,412 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2010.03.06 09:24:56 | 000,029,401 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2010.03.06 09:24:56 | 000,019,399 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2010.03.06 09:24:56 | 000,025,270 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2010.03.06 09:24:56 | 000,042,114 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2010.03.06 09:24:56 | 000,018,909 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2010.08.16 10:41:40 | 000,032,958 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ailoader.py
[2010.08.16 10:41:40 | 000,001,847 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\bziploader.py
[2010.08.16 10:41:40 | 000,057,685 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ccxloader.py
[2010.08.16 10:41:40 | 000,029,336 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrloader.py
[2010.08.16 10:41:40 | 000,001,341 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrziploader.py
[2010.08.16 10:41:40 | 000,028,643 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cgmloader.py
[2010.08.16 10:41:40 | 000,055,918 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cmxloader.py
[2010.08.16 10:41:40 | 000,038,308 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\dxfloader.py
[2010.08.16 10:41:40 | 000,001,949 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\gziploader.py
[2010.08.16 10:41:40 | 000,007,779 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\pltloader.py
[2010.08.16 10:41:40 | 000,017,301 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\sk1loader.py
[2010.08.16 10:41:40 | 000,015,416 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\skloader.py
[2010.08.16 10:41:40 | 000,015,832 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\stitchloader.py
[2010.08.16 10:41:40 | 000,038,937 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\svgloader.py
[2010.08.16 10:41:40 | 000,014,300 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\wmfloader.py
[2010.08.16 10:41:40 | 000,017,550 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\xfigloader.py
[2017.10.27 08:43:39 | 000,018,752 | ---- | M] () -- \Program Files (x86)\Java\jre1.8.0_151\bin\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.01.18 10:46:50 | 000,002,608 | ---- | M] () -- \Program Files (x86)\Phase One\Capture One 6\WebContactSheet\Themes\Fullscreen (Dark)\theme\loader1.gif
[2011.01.18 10:46:50 | 000,003,208 | ---- | M] () -- \Program Files (x86)\Phase One\Capture One 6\WebContactSheet\Themes\Fullscreen (Dark)\theme\loader2.gif
[2011.01.18 10:46:54 | 000,002,608 | ---- | M] () -- \Program Files (x86)\Phase One\Capture One 6\WebContactSheet\Themes\Fullscreen (Light)\theme\loader1.gif
[2011.01.18 10:46:54 | 000,003,208 | ---- | M] () -- \Program Files (x86)\Phase One\Capture One 6\WebContactSheet\Themes\Fullscreen (Light)\theme\loader2.gif
[2010.03.02 21:39:44 | 000,032,958 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\ailoader.py
[2010.06.28 03:29:08 | 000,035,751 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\ailoader.pyc
[2010.03.08 02:56:22 | 000,001,847 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\bziploader.py
[2010.06.28 03:29:08 | 000,001,791 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\bziploader.pyc
[2010.03.02 22:08:06 | 000,057,685 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\ccxloader.py
[2010.06.28 03:29:10 | 000,063,343 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\ccxloader.pyc
[2010.06.17 11:08:04 | 000,029,336 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\cdrloader.py
[2010.06.28 03:29:10 | 000,028,765 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\cdrloader.pyc
[2010.03.08 02:57:04 | 000,001,341 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\cdrziploader.py
[2010.06.28 03:29:10 | 000,001,978 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\cdrziploader.pyc
[2010.05.20 10:46:40 | 000,028,643 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\cgmloader.py
[2010.06.28 03:29:10 | 000,040,618 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\cgmloader.pyc
[2010.03.02 22:10:56 | 000,055,918 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\cmxloader.py
[2010.06.28 03:29:10 | 000,059,844 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\cmxloader.pyc
[2009.10.14 23:53:36 | 000,038,308 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\dxfloader.py
[2010.06.28 03:29:10 | 000,037,822 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\dxfloader.pyc
[2010.03.08 02:57:48 | 000,001,949 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\gziploader.py
[2010.06.28 03:29:10 | 000,001,873 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\gziploader.pyc
[2010.03.02 02:02:48 | 000,007,779 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\pltloader.py
[2010.06.28 03:29:10 | 000,010,369 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\pltloader.pyc
[2010.06.13 03:45:08 | 000,017,301 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\sk1loader.py
[2010.06.28 03:29:10 | 000,021,919 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\sk1loader.pyc
[2010.03.07 01:43:00 | 000,015,416 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\skloader.py
[2010.06.28 03:29:10 | 000,019,998 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\skloader.pyc
[2009.12.10 04:37:32 | 000,015,832 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\stitchloader.py
[2010.06.28 03:29:10 | 000,018,323 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\stitchloader.pyc
[2010.06.21 23:21:00 | 000,038,937 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\svgloader.py
[2010.06.28 03:29:10 | 000,041,430 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\svgloader.pyc
[2008.01.06 00:10:26 | 000,014,300 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\wmfloader.py
[2010.06.28 03:29:10 | 000,017,982 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\wmfloader.pyc
[2009.09.09 18:49:40 | 000,017,550 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\xfigloader.py
[2010.06.28 03:29:10 | 000,018,580 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\sk1libs\filters\import\xfigloader.pyc
[2008.07.25 05:47:02 | 000,032,054 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\ailoader.py
[2009.06.06 14:35:18 | 000,037,233 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\ailoader.pyc
[2009.06.06 14:35:20 | 000,037,233 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\ailoader.pyo
[2008.01.06 01:10:26 | 000,001,851 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\bziploader.py
[2009.06.06 14:35:18 | 000,001,916 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\bziploader.pyc
[2009.06.06 14:35:20 | 000,001,916 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\bziploader.pyo
[2008.07.25 05:47:06 | 000,057,647 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\ccxloader.py
[2009.06.06 14:35:18 | 000,065,617 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\ccxloader.pyc
[2009.06.06 14:35:20 | 000,065,617 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\ccxloader.pyo
[2008.12.23 03:02:04 | 000,025,316 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\cdrloader.py
[2009.06.06 14:48:28 | 000,025,656 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\cdrloader.pyc
[2009.06.06 14:35:20 | 000,025,472 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\cdrloader.pyo
[2008.07.25 05:48:46 | 000,001,381 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\cdrziploader.py
[2009.06.06 14:35:18 | 000,002,162 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\cdrziploader.pyc
[2009.06.06 14:35:20 | 000,002,162 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\cdrziploader.pyo
[2008.01.06 01:10:26 | 000,028,556 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\cgmloader.py
[2009.06.06 16:14:44 | 000,044,892 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\cgmloader.pyc
[2009.06.06 14:35:20 | 000,042,648 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\cgmloader.pyo
[2008.01.06 01:10:26 | 000,055,823 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\cmxloader.py
[2009.06.06 16:14:34 | 000,064,182 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\cmxloader.pyc
[2009.06.06 14:35:18 | 000,061,872 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\cmxloader.pyo
[2008.01.06 01:10:26 | 000,001,954 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\gziploader.py
[2009.06.06 14:35:18 | 000,001,998 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\gziploader.pyc
[2009.06.06 14:35:18 | 000,001,998 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\gziploader.pyo
[2009.05.30 02:42:46 | 000,004,857 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\pltloader.py
[2009.06.06 14:35:18 | 000,006,720 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\pltloader.pyc
[2009.06.06 14:35:18 | 000,006,720 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\pltloader.pyo
[2009.04.16 03:09:40 | 000,016,651 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\sk1loader.py
[2009.06.06 14:35:18 | 000,022,485 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\sk1loader.pyc
[2009.06.06 14:35:18 | 000,022,364 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\sk1loader.pyo
[2008.04.28 01:34:04 | 000,015,196 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\skloader.py
[2009.06.06 14:35:18 | 000,020,853 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\skloader.pyc
[2009.06.06 14:35:18 | 000,020,732 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\skloader.pyo
[2009.06.03 07:04:40 | 000,028,699 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\svgloader.py
[2009.06.06 14:35:18 | 000,032,396 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\svgloader.pyc
[2009.06.06 14:35:18 | 000,032,396 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\svgloader.pyo
[2008.01.06 01:10:26 | 000,014,300 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\wmfloader.py
[2009.06.06 15:20:24 | 000,018,802 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\wmfloader.pyc
[2009.06.06 14:35:18 | 000,018,802 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\wmfloader.pyo
[2008.01.06 01:10:26 | 000,017,008 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\xfigloader.py
[2009.06.06 14:35:18 | 000,018,534 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\xfigloader.pyc
[2009.06.06 14:35:18 | 000,018,534 | ---- | M] () -- \Program Files (x86)\SignCut1pro\Python26\Lib\site-packages\uniconvertor\app\plugins\Filters\xfigloader.pyo
[2008.06.20 18:13:32 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2012.08.12 19:58:46 | 000,003,446 | ---- | M] () -- \Program Files\Autodesk\123D Design\Python\Lib\test\test_importlib\builtin\test_loader.py
[2012.08.12 19:58:46 | 000,002,593 | ---- | M] () -- \Program Files\Autodesk\123D Design\Python\Lib\test\test_importlib\extension\test_loader.py
[2012.08.12 19:58:46 | 000,005,099 | ---- | M] () -- \Program Files\Autodesk\123D Design\Python\Lib\test\test_importlib\frozen\test_loader.py
[2012.08.12 19:58:46 | 000,033,460 | ---- | M] () -- \Program Files\Autodesk\123D Design\Python\Lib\test\test_importlib\source\test_abc_loader.py
[2012.08.12 19:58:46 | 000,020,428 | ---- | M] () -- \Program Files\Autodesk\123D Design\Python\Lib\test\test_importlib\source\test_file_loader.py
[2012.04.01 23:53:52 | 000,014,175 | ---- | M] () -- \Program Files\Autodesk\123D Design\Python\Lib\unittest\loader.py
[2012.03.04 23:22:48 | 000,050,885 | ---- | M] () -- \Program Files\Autodesk\123D Design\Python\Lib\unittest\test\test_loader.py
[2010.03.24 19:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 19:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.06.04 04:27:36 | 000,013,648 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\ReflectionLoader.dll
[2017.05.04 12:18:04 | 000,019,136 | ---- | M] () -- \Program Files\ESET\ESET Security\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.12 19:55:33 | 000,000,914 | ---- | M] () -- \Users\PCMvDDesigns\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fjdownloader.org%2Flib%2Ftpl%2Farctic%2Fimages%2Ffavicon.png
[2014.09.29 18:39:34 | 000,115,644 | ---- | M] () -- \Users\PCMvDDesigns\Desktop\Dokumenty a jiné\PAP5503DUO__Kit_Kat_v.1.0.12\FW\preloader_lcsh82_wet_hz_kk.bin
[2016.09.29 08:57:08 | 000,037,473 | ---- | M] () -- \Users\Petra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UPBFTMQH\cz.seznam.software.libfoxloader-3.2.5-win32[1].zip
[2015.05.26 12:37:42 | 000,078,504 | ---- | M] () -- \Users\Petra\AppData\Roaming\Seznam.cz\bin\14849libfoxloader.dll
[2015.05.26 12:35:36 | 000,079,872 | ---- | M] () -- \Users\Petra\AppData\Roaming\Seznam.cz\bin\14852libfoxloader-x64.dll
[2016.11.01 09:51:18 | 000,091,136 | ---- | M] () -- \Users\Petra\AppData\Roaming\Seznam.cz\bin\x64loader.exe
[2016.09.29 08:57:21 | 000,000,165 | ---- | M] () -- \Users\Petra\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2015.01.06 15:17:14 | 000,000,665 | ---- | M] () -- \Users\Petra\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.install.bat
[2015.01.06 15:17:14 | 000,000,117 | ---- | M] () -- \Users\Petra\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.uninstall.bat
[2014.03.14 23:15:08 | 000,013,648 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\8A0F87196F6B7AD4DA3613C74C78F5B4\17.0.0\reflectionloader.dll
[2009.07.14 13:25:34 | 002,202,645 | ---- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2017.09.13 17:26:31 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_da-dk_2f2cc977230be42d.manifest
[2017.09.13 17:35:42 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_de-de_2c585eb324e238c7.manifest
[2017.09.13 17:45:56 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_el-gr_d4ee8c4613f7a155.manifest
[2017.09.13 16:34:51 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_en-us_d54934ac13c0448c.manifest
[2017.09.13 17:44:36 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_es-es_d514919013e73631.manifest
[2017.09.13 17:27:02 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_fi-fi_742f963d0901285b.manifest
[2017.09.13 17:35:43 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_fr-fr_77cc078f06b94c93.manifest
[2017.09.13 17:27:25 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_hu-hu_bf3c87d6eb191baf.manifest
[2017.09.13 17:27:41 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_it-it_61f3fdd5ddeb3211.manifest
[2017.09.13 17:37:38 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_ja-jp_04197ce2d10643ec.manifest
[2017.09.13 17:38:22 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_ko-kr_a7835997c3770b02.manifest
[2017.09.13 17:27:11 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_nb-no_9015dacc9b9c36be.manifest
[2017.09.13 17:26:52 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_nl-nl_8e55260a9cc84093.manifest
[2017.09.13 17:26:21 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_pl-pl_d491808c81eaae47.manifest
[2017.09.13 17:45:27 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_pt-br_d6e56b308074422b.manifest
[2017.09.13 17:27:00 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_pt-pt_d7c73a9c7fe3b207.manifest
[2017.09.13 17:45:57 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_ru-ru_1e6a4c6064c54033.manifest
[2017.09.13 17:26:54 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_sv-se_ba6536d55bee4a8e.manifest
[2017.09.13 17:27:32 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_tr-tr_6372811c4aaa4c7f.manifest
[2017.09.13 17:36:25 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_zh-cn_34cf9f19fae21e9e.manifest
[2017.09.13 17:34:57 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_zh-hk_337a97a7fbbd912e.manifest
[2017.09.13 17:37:10 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_zh-tw_38cbdc6ff852fb0e.manifest
[2017.09.13 17:26:43 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_cs-cz_9fe5c03c67e29d8a.manifest
[2017.09.13 17:26:30 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_da-dk_3d1fa0635e289989.manifest
[2017.09.13 17:35:33 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_de-de_3a4b359f5ffeee23.manifest
[2017.09.13 17:45:56 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_el-gr_e2e163324f1456b1.manifest
[2017.09.13 16:34:43 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_en-us_e33c0b984edcf9e8.manifest
[2017.09.13 17:44:27 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_es-es_e307687c4f03eb8d.manifest
[2017.09.13 17:27:02 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_fi-fi_82226d29441dddb7.manifest
[2017.09.13 17:35:35 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_fr-fr_85bede7b41d601ef.manifest
[2017.09.13 17:27:17 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_hu-hu_cd2f5ec32635d10b.manifest
[2017.09.13 17:27:33 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_it-it_6fe6d4c21907e76d.manifest
[2017.09.13 17:37:29 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_ja-jp_120c53cf0c22f948.manifest
[2017.09.13 17:38:14 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_ko-kr_b5763083fe93c05e.manifest
[2017.09.13 17:27:10 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_nb-no_9e08b1b8d6b8ec1a.manifest
[2017.09.13 17:26:42 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_nl-nl_9c47fcf6d7e4f5ef.manifest
[2017.09.13 17:26:13 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_pl-pl_e2845778bd0763a3.manifest
[2017.09.13 17:45:18 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_pt-br_e4d8421cbb90f787.manifest
[2017.09.13 17:26:53 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_pt-pt_e5ba1188bb006763.manifest
[2017.09.13 17:45:47 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_ru-ru_2c5d234c9fe1f58f.manifest
[2017.09.13 17:26:45 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_sv-se_c8580dc1970affea.manifest
[2017.09.13 17:27:24 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_tr-tr_7165580885c701db.manifest
[2017.09.13 17:36:18 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_zh-cn_42c2760635fed3fa.manifest
[2017.09.13 17:34:57 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_zh-hk_416d6e9436da468a.manifest
[2017.09.13 17:37:02 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_zh-tw_46beb35c336fb06a.manifest
[2017.09.13 16:58:40 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\3a35e03bf033a5eab08853b471732022\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.23915_none_9e9f09889a53ab8d.manifest
[2017.09.13 16:08:51 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2015.07.23 06:42:48 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2017.09.13 16:08:51 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2015.07.23 06:42:48 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2016.12.03 10:10:30 | 000,019,136 | ---- | M] () -- \Windows\winsxs\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.29 18:00:59 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.29 18:02:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.29 18:00:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.29 18:02:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.29 18:01:04 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.29 18:02:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.29 18:04:10 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:11:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_68a6d625929398fb\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 04:06:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18923_none_68cc15ff92788e54\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 19:00:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18933_none_68c146139280aa45\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.23 00:52:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18939_none_68c747cf927b424f\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 07:12:24 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_68c320af927f0d5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.29 18:01:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.29 18:02:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.29 18:04:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:14:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_691e7920abbfd697\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 04:11:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23126_none_69588bcaab93ad65\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 19:05:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23136_none_694dbbdeab9bc956\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.22 22:52:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23142_none_693eeacaaba77feb\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 07:17:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23338_none_694fc03eab99f652\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.16 19:44:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23391_none_6907deb0abd0ec97\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.09.02 16:30:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23539_none_6950c454ab9909f7\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.05.12 19:22:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23807_none_696f3936ab827aeb\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.07.07 16:29:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23864_none_692b58d0abb5d68c\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.08.11 07:34:50 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23889_none_691aba6aabc18d21\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> F:\Windows:B5AF416728541C88

< End of report >

Rudy
Site Admin
Posts: 118271
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Mysterious something, maybe a virus

#13 Post by Rudy »

I assumed correctly, the system is not legal. Therefore I will not deal with this problem. See the forum rules: https://forum.viry.cz/viewtopic.php?f=12&t=115512 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Marvilian
Visitor
Posts: 13
Registered: 25 Nov 2017 14:48

Re: Mysterious something, maybe a virus

#14 Post by Marvilian »

Can you please at least tell from the logs whether there is a virus there, or what it is, and whether I can back up files, apart from program installations, without fear of carrying the virus over to the external HDD as well? Or at least some advice on how I could get rid of the virus, or whatever it is? Since yesterday the PC has been restarting by itself. Thank you very much for your reply.

Rudy
Site Admin
Posts: 118271
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Mysterious something, maybe a virus

#15 Post by Rudy »

I see only some adware, and there will certainly be some unnecessary junk there as well. I don't see any other viruses there.