Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Avast - Vytížení

Moderátoři: james008, JaRon, Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zpráva
Autor
Ardenlax
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 29 srp 2015 18:26

Re: Avast - Vytížení

#31 Příspěvek od Ardenlax »

OTL logfile created on: 9. 12. 2015 20:24:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alexandr\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17451)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,82 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 58,39% Memory free
7,32 Gb Paging File | 5,55 Gb Available in Paging File | 75,87% Paging File free
Paging file location(s): c:\pagefile.sys 3584 7168 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 572,61 Gb Total Space | 60,62 Gb Free Space | 10,59% Space Free | Partition Type: NTFS
Drive E: | 341,80 Gb Total Space | 260,13 Gb Free Space | 76,11% Space Free | Partition Type: NTFS

Computer Name: SKOTNICA | User Name: Alexandr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/12/09 20:22:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alexandr\Desktop\OTL.exe
PRC - [2015/11/27 21:33:24 | 004,650,952 | ---- | M] (MY.COM B.V.) -- C:\Users\Alexandr\AppData\Local\MyComGames\MyComGames.exe
PRC - [2015/11/24 09:00:56 | 000,741,704 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/11/06 17:12:22 | 006,133,520 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015/10/28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/09/20 15:58:08 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015/08/04 11:47:08 | 000,923,696 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2015/07/29 15:43:54 | 002,909,472 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013/09/05 01:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/07/15 20:09:22 | 000,111,216 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\RadioController\RfBtnHelper.exe
PRC - [2013/02/20 00:03:54 | 002,615,368 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
PRC - [2012/12/10 09:39:12 | 000,475,984 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012/12/10 09:39:09 | 000,350,544 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012/12/10 09:39:08 | 001,192,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012/07/18 01:10:34 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/18 01:10:32 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/18 01:10:18 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/14 00:27:00 | 000,769,432 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Nero\Update\NASvc.exe


========== Modules (No Company Name) ==========

MOD - [2015/11/24 09:00:53 | 001,583,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libglesv2.dll
MOD - [2015/11/24 09:00:52 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libegl.dll
MOD - [2015/11/21 23:45:39 | 002,340,296 | ---- | M] () -- C:\Users\Alexandr\AppData\Local\MyComGames\BigUp2.dll
MOD - [2015/11/21 23:45:39 | 000,179,144 | ---- | M] () -- C:\Users\Alexandr\AppData\Local\MyComGames\LightUpdate.dll
MOD - [2015/11/21 23:45:39 | 000,144,896 | ---- | M] () -- C:\Users\Alexandr\AppData\Local\MyComGames\zlib1.dll
MOD - [2015/11/21 23:45:39 | 000,062,464 | ---- | M] () -- C:\Users\Alexandr\AppData\Local\MyComGames\pxd.dll
MOD - [2015/09/20 15:58:32 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015/09/20 15:58:15 | 000,103,376 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015/09/20 15:58:10 | 000,123,976 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015/08/26 10:18:40 | 050,425,344 | ---- | M] () -- C:\Users\Alexandr\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll
MOD - [2013/09/05 01:36:28 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2013/02/21 06:58:24 | 000,089,672 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2015/11/07 12:41:44 | 001,583,488 | ---- | M] (Echobit LLC) [On_Demand | Stopped] -- C:\Program Files\Echobit\Evolve\EvoSvc.exe -- (EvoSvc)
SRV:64bit: - [2015/09/20 15:58:08 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2015/09/20 15:57:41 | 004,048,280 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2015/07/06 17:16:09 | 000,016,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2015/06/18 13:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV:64bit: - [2014/10/02 23:29:16 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/07/07 06:52:33 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/05/30 00:02:28 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/16 06:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/06/01 10:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 07:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 07:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/21 10:50:07 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/04/21 10:05:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/03/15 23:00:12 | 000,662,088 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2013/03/02 03:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/02 03:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012/11/20 11:48:38 | 000,100,752 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV:64bit: - [2012/08/21 00:36:22 | 000,176,640 | ---- | M] (Broadcom Corp.) [Auto | Running] -- C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe -- (BrcmCardReader)
SRV:64bit: - [2012/07/26 04:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/04/20 22:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2015/12/01 09:58:20 | 001,008,880 | ---- | M] (Overwolf LTD) [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdater)
SRV - [2015/11/10 03:44:38 | 000,836,176 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/10/28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/09/19 18:53:10 | 000,136,048 | ---- | M] (Dropbox, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdatem)
SRV - [2015/09/19 18:53:10 | 000,136,048 | ---- | M] (Dropbox, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdate)
SRV - [2015/09/02 12:36:04 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2015/07/29 15:43:54 | 002,909,472 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2015/07/09 12:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/05 01:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/07/15 20:09:22 | 000,096,880 | ---- | M] (Dritek System INC.) [Auto | Running] -- C:\Windows\RfBtnSvc64.exe -- (RfButtonDriverService)
SRV - [2013/02/20 00:03:54 | 002,615,368 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe -- (CCDMonitorService)
SRV - [2013/01/25 08:12:12 | 000,227,456 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/12/10 09:39:09 | 000,350,544 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/10/23 19:37:58 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/08/15 19:44:50 | 003,943,104 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2012/07/26 04:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/18 01:10:34 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/18 01:10:32 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/18 01:10:18 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/14 00:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015/11/07 12:41:47 | 000,021,656 | ---- | M] (Echobit, LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\evolve.sys -- (EvolveVirtualAdapter)
DRV:64bit: - [2015/11/06 17:13:00 | 000,449,992 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2015/11/06 17:12:59 | 001,059,656 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2015/09/20 15:58:38 | 000,153,744 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015/09/20 15:58:37 | 000,274,808 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015/09/20 15:58:36 | 000,090,968 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2015/09/20 15:58:36 | 000,065,224 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015/09/20 15:58:36 | 000,028,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2015/09/20 15:58:35 | 000,093,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2015/09/20 15:57:53 | 000,132,656 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\ngvss.sys -- (ngvss)
DRV:64bit: - [2015/09/20 15:57:41 | 000,274,336 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2015/09/10 06:36:02 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015/07/06 17:16:32 | 000,044,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2015/07/06 15:32:07 | 000,281,944 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2015/03/04 08:29:17 | 000,361,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/12/18 09:51:28 | 000,096,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/07/24 14:50:54 | 000,447,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/10/05 07:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/09/05 01:37:00 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/08/16 06:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/10 07:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/15 20:09:22 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid)
DRV:64bit: - [2013/07/09 09:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/02 02:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/02 02:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/29 07:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/01 04:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/04/21 10:50:07 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/04/21 10:41:20 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/04/21 10:39:44 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/04/21 10:34:40 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/04/21 10:26:27 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/04/21 10:09:46 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/04/21 10:04:56 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/04/21 10:04:56 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/03/02 11:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 11:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/25 07:46:26 | 000,581,200 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/01/25 07:46:24 | 000,136,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/01/25 07:46:22 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/01/25 07:46:20 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/01/25 07:46:20 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/01/25 07:46:20 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/01/25 07:46:20 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/01/25 07:46:20 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/01/21 10:56:12 | 003,747,840 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/11/20 11:48:40 | 000,331,152 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012/10/23 19:37:42 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/08/16 21:33:42 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/08/14 19:15:36 | 000,070,744 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2012/08/13 18:59:42 | 000,072,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2012/08/13 18:59:42 | 000,021,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2012/07/26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 03:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/02 23:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 15:40:51 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/19 00:20:52 | 000,055,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2012/06/02 15:31:37 | 000,425,472 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2012/06/02 15:31:33 | 005,139,968 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BCMWL63A.SYS -- (BCM43XX)
DRV:64bit: - [2012/05/26 01:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NARAx64\0401000.00E\ccSetx64.sys -- (ccSet_NARA)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}
IE:64bit: - HKLM\..\SearchScopes\{ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}
IE - HKLM\..\SearchScopes\{ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MAARJS


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3338900602-571765566-1102821152-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKU\S-1-5-21-3338900602-571765566-1102821152-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com

IE - HKU\S-1-5-21-3338900602-571765566-1102821152-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKU\S-1-5-21-3338900602-571765566-1102821152-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/
IE - HKU\S-1-5-21-3338900602-571765566-1102821152-1002\..\SearchScopes,DefaultScope = {ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}
IE - HKU\S-1-5-21-3338900602-571765566-1102821152-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@my.com/Games: C:\Users\Alexandr\AppData\Local\MyComGames\NPMyComDetector.dll (My.com, Inc)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/09/20 15:58:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK


========== Chrome ==========

CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoekgdlembbelehimiljbdnofnldepmc\1.0.4_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.45_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdfpmjnfglpmofblacoponodofkdongp\1.1_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall\1.7_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg\5.11.3_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg\6.19_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifkpflabnobkgbjpcmocmgcajlecbcp\3.12.2_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2012/07/26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll File not found
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dropbox] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKLM..\Run: [LManager] File not found
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [RadioController] C:\Program Files (x86)\RadioController\RfBtnHelper.exe (Dritek System Inc.)
O4 - HKU\S-1-5-21-3338900602-571765566-1102821152-1002..\Run: [{6B84E528-9705-4D36-9C97-97B8E23DAB75}] "C:\Users\Alexandr\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe" /cmdloc "HKCU\Software\Riot Games AiTemp\{6B84E528-9705-4D36-9C97-97B8E23DAB75}" File not found
O4 - HKU\S-1-5-21-3338900602-571765566-1102821152-1002..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-3338900602-571765566-1102821152-1002..\Run: [DAEMON Tools Lite Automount] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-3338900602-571765566-1102821152-1002..\Run: [EvolveClient] C:\Program Files\Echobit\Evolve\EvolveClient.exe (Echobit LLC)
O4 - HKU\S-1-5-21-3338900602-571765566-1102821152-1002..\Run: [MK LOL] C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe (MKGame)
O4 - HKU\S-1-5-21-3338900602-571765566-1102821152-1002..\Run: [MyComGames] C:\Users\Alexandr\AppData\Local\MyComGames\MyComGames.exe (MY.COM B.V.)
O4 - HKU\S-1-5-21-3338900602-571765566-1102821152-1002..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe (Overwolf LTD)
O4 - HKU\S-1-5-21-3338900602-571765566-1102821152-1002..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-3338900602-571765566-1102821152-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B26C385-7A9D-49A9-BFFC-57EDC999C3CF}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B26C385-7A9D-49A9-BFFC-57EDC999C3CF}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E42551A-0C90-4C5F-AFBB-CE61E90B5B33}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{082d5586-5470-11e5-be7e-208984c9bb53}\Shell - "" = AutoRun
O33 - MountPoints2\{082d5586-5470-11e5-be7e-208984c9bb53}\Shell\AutoRun\command - "" = "F:\NTW.part01.exe"
O33 - MountPoints2\{68f0e27b-84a0-11e5-be85-208984c9bb53}\Shell - "" = AutoRun
O33 - MountPoints2\{68f0e27b-84a0-11e5-be85-208984c9bb53}\Shell\AutoRun\command - "" = "G:\autorun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015/12/09 20:22:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alexandr\Desktop\OTL.exe
[2015/12/09 19:58:46 | 000,000,000 | -HSD | C] -- C:\AI_RecycleBin
[2015/12/09 16:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/12/09 16:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015/12/09 16:59:29 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2015/12/08 20:31:55 | 000,000,000 | ---D | C] -- C:\Users\Alexandr\Desktop\Anotace_POSLEDNI_rocnik
[2015/12/04 18:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Napoleon Total War
[2015/12/04 15:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2015/12/04 15:59:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AV
[2015/12/03 21:35:58 | 000,000,000 | ---D | C] -- C:\Program Files\paint.net
[2015/12/03 21:35:03 | 000,000,000 | ---D | C] -- C:\Users\Alexandr\AppData\Local\paint.net
[2015/11/27 21:38:54 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2015/11/27 21:38:54 | 000,020,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2015/11/27 21:38:54 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2015/11/27 21:38:54 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2015/11/27 21:38:54 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2015/11/27 21:38:54 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2015/11/27 21:38:54 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2015/11/27 21:38:54 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2015/11/27 21:38:54 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2015/11/27 21:38:54 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2015/11/27 21:38:54 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2015/11/27 21:38:54 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2015/11/27 21:38:54 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2015/11/27 21:38:54 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2015/11/27 21:38:54 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2015/11/27 21:38:54 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2015/11/27 21:38:54 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2015/11/27 21:38:54 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2015/11/27 21:38:54 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2015/11/27 21:38:54 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2015/11/27 21:38:54 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2015/11/27 21:38:54 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2015/11/27 21:38:54 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2015/11/27 21:38:54 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2015/11/27 21:38:54 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2015/11/27 21:38:54 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2015/11/27 21:38:54 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2015/11/27 21:38:54 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2015/11/27 21:38:54 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-eventing-provider-l1-1-0.dll
[2015/11/27 21:38:54 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-eventing-provider-l1-1-0.dll
[2015/11/27 21:38:54 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-xstate-l2-1-0.dll
[2015/11/27 21:38:54 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-xstate-l2-1-0.dll
[2015/11/27 21:38:53 | 000,961,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase.dll
[2015/11/27 21:38:53 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase.dll
[2015/11/27 21:38:53 | 000,064,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2015/11/27 21:38:53 | 000,062,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2015/11/24 19:53:39 | 000,000,000 | ---D | C] -- C:\Users\Alexandr\Desktop\ZSV
[2015/11/22 22:16:51 | 000,000,000 | ---D | C] -- C:\Users\Alexandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Armored Warfare MyCom Beta
[2015/11/21 23:45:52 | 000,000,000 | ---D | C] -- C:\Users\Alexandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
[2015/11/21 23:45:39 | 000,000,000 | ---D | C] -- C:\Users\Alexandr\AppData\Local\MyComGames
[2015/11/21 14:14:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life Is Strange Episode 5
[2015/11/21 12:22:09 | 000,000,000 | ---D | C] -- C:\Users\Alexandr\Desktop\Hry
[2015/11/21 12:21:56 | 000,000,000 | ---D | C] -- C:\Users\Alexandr\Desktop\Bubíci
[2015/11/14 23:04:07 | 000,000,000 | ---D | C] -- C:\Users\Alexandr\Documents\CPY_SAVES
[2015/11/14 22:42:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2015/11/12 20:14:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2015/11/11 17:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
[2015/11/10 14:27:39 | 000,000,000 | ---D | C] -- C:\Users\Alexandr\AppData\Local\clear.fi
[2015/11/10 13:42:25 | 026,690,560 | ---- | C] (Microsoft Corporation) -- C:\Users\Alexandr\Desktop\Microsoft Office 2010 Pro Plus x64 & x86 Activator and Keygen.exe
[2015/11/09 21:05:10 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_39.dll
[2015/11/09 21:05:10 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_39.dll
[2015/11/09 21:05:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_39.dll
[2015/11/09 20:46:23 | 000,000,000 | ---D | C] -- C:\Users\Alexandr\AppData\Local\assembly
[2015/11/09 20:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2015/11/09 20:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2015/11/09 20:36:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2015/11/09 20:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2015/11/09 20:33:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2015/11/09 20:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2015/11/09 20:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2015/11/09 20:30:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2015/11/09 20:27:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2015/11/09 20:27:22 | 000,000,000 | ---D | C] -- C:\Users\Alexandr\AppData\Local\Microsoft Help
[2015/11/09 20:26:35 | 000,000,000 | RH-D | C] -- C:\MSOCache
[1 C:\Users\Alexandr\Desktop\*.tmp files -> C:\Users\Alexandr\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/12/09 20:26:06 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/12/09 20:25:35 | 001,222,144 | ---- | M] () -- C:\Users\Alexandr\Desktop\RSITx64.exe
[2015/12/09 20:22:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alexandr\Desktop\OTL.exe
[2015/12/09 20:18:35 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/12/09 20:17:30 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job
[2015/12/09 20:17:06 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/12/09 20:15:03 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/12/09 20:14:40 | 3281,010,688 | -HS- | M] () -- C:\hiberfil.sys
[2015/12/09 19:58:23 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job
[2015/12/09 19:45:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/12/09 17:55:41 | 000,019,179 | ---- | M] () -- C:\Users\Alexandr\Desktop\Martin.png
[2015/12/08 20:31:39 | 001,707,614 | ---- | M] () -- C:\Users\Alexandr\Desktop\Anotace_POSLEDNI_rocnik.rar
[2015/12/06 21:37:34 | 000,061,628 | ---- | M] () -- C:\Users\Alexandr\Desktop\207.jpg
[2015/12/06 21:37:27 | 000,065,261 | ---- | M] () -- C:\Users\Alexandr\Desktop\206.jpg
[2015/12/03 22:00:03 | 000,218,020 | ---- | M] () -- C:\Users\Alexandr\Desktop\Krčí hlídka.jpg
[2015/12/03 21:36:40 | 000,001,206 | ---- | M] () -- C:\Users\Public\Desktop\paint.net.lnk
[2015/11/30 18:03:47 | 000,037,540 | ---- | M] () -- C:\Users\Alexandr\Desktop\437417730297_11_1132_20151126.pdf
[2015/11/24 22:00:09 | 002,913,302 | ---- | M] () -- C:\Users\Alexandr\Desktop\Nears Theme (A) - Death Note.mp3
[2015/11/24 16:48:46 | 000,024,436 | ---- | M] () -- C:\Users\Alexandr\Desktop\krč.jpg
[2015/11/14 12:16:48 | 001,714,430 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/11/14 12:16:48 | 000,727,488 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2015/11/14 12:16:48 | 000,710,244 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/11/14 12:16:48 | 000,148,006 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2015/11/14 12:16:48 | 000,132,614 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/11/13 20:21:45 | 000,430,736 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[1 C:\Users\Alexandr\Desktop\*.tmp files -> C:\Users\Alexandr\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/12/09 20:26:06 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/12/09 20:25:32 | 001,222,144 | ---- | C] () -- C:\Users\Alexandr\Desktop\RSITx64.exe
[2015/12/09 17:55:41 | 000,019,179 | ---- | C] () -- C:\Users\Alexandr\Desktop\Martin.png
[2015/12/08 20:31:28 | 001,707,614 | ---- | C] () -- C:\Users\Alexandr\Desktop\Anotace_POSLEDNI_rocnik.rar
[2015/12/06 21:37:30 | 000,061,628 | ---- | C] () -- C:\Users\Alexandr\Desktop\207.jpg
[2015/12/06 21:37:18 | 000,065,261 | ---- | C] () -- C:\Users\Alexandr\Desktop\206.jpg
[2015/12/03 22:00:03 | 000,218,020 | ---- | C] () -- C:\Users\Alexandr\Desktop\Krčí hlídka.jpg
[2015/12/03 21:36:40 | 000,001,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
[2015/12/03 21:36:40 | 000,001,206 | ---- | C] () -- C:\Users\Public\Desktop\paint.net.lnk
[2015/12/02 06:40:01 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/12/02 06:39:54 | 000,000,974 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/11/30 18:03:21 | 000,037,540 | ---- | C] () -- C:\Users\Alexandr\Desktop\437417730297_11_1132_20151126.pdf
[2015/11/26 20:12:30 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015/11/24 21:59:53 | 002,913,302 | ---- | C] () -- C:\Users\Alexandr\Desktop\Nears Theme (A) - Death Note.mp3
[2015/11/24 16:48:35 | 000,024,436 | ---- | C] () -- C:\Users\Alexandr\Desktop\krč.jpg
[2015/09/06 13:17:53 | 000,000,058 | ---- | C] () -- C:\WINDOWS\JQHApp.dat
[2015/09/05 09:40:01 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll

========== ZeroAccess Check ==========

[2013/07/15 20:36:38 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/17 07:54:17 | 019,777,536 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/17 06:13:06 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015/09/05 18:40:45 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\AVAST Software
[2015/09/06 11:36:01 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Battle.net
[2015/09/04 21:34:43 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\ClassicShell
[2015/10/07 20:39:29 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\DAEMON Tools Lite
[2015/09/19 18:54:42 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Dropbox
[2015/10/13 17:32:00 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Exanima
[2015/10/27 22:16:20 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Fatshark
[2015/09/28 19:37:15 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Guild Wars 2
[2015/09/05 08:50:38 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\IObit
[2015/10/10 21:59:15 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\JpegMini
[2015/09/04 21:23:18 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\lm
[2015/10/02 14:12:26 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\LolClient
[2015/09/20 17:51:40 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Mount&Blade Warband
[2015/09/20 09:19:05 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Mount&Blade With Fire and Sword
[2015/10/31 10:29:09 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2015/09/05 08:51:32 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\ProductData
[2015/11/09 21:05:18 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Riot Games
[2015/10/07 20:54:10 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Steam
[2015/12/04 19:21:21 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\The Creative Assembly
[2015/12/02 22:23:26 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\TS3Client
[2015/12/08 21:11:04 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< >
[2012/07/26 08:22:10 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2015/09/19 18:53:13 | 000,000,926 | ---- | C] () -- C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
[2015/09/19 18:53:15 | 000,000,930 | ---- | C] () -- C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
[2015/12/02 06:39:54 | 000,000,974 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2015/12/02 06:40:01 | 000,000,978 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2012/07/26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2012/07/26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_81a4c6c9cc9d86a0\AGP440.sys
[2012/07/26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_12dc94a048750f71\AGP440.sys

< MD5 for: ATAPI.SYS >
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_69660e2be041f47b\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_b733d17ea1e7f604\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_3601cf7eab4e0493\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16548_none_36311422ab29f479\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.20652_none_36a9df45c455182a\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2015/09/24 07:37:36 | 000,000,619 | ---- | M] () MD5=1199C2873417C8C773CE5ECBE552AC1C -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_df774bf9ac0a075d\autochk.exe
[2015/09/15 20:02:27 | 000,040,790 | ---- | M] () MD5=212E09EE9584D60CB2EF018279A33B31 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_3abd94ae4b8558e6\autochk.exe
[2015/09/15 20:02:29 | 000,000,596 | ---- | M] () MD5=5583A93868E0E7C7A34A0996DD2FFDE1 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_3b95e77d64677893\autochk.exe
[2013/05/15 03:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\SysWOW64\autochk.exe
[2013/05/15 03:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_dee8adbc92f0e8e0\autochk.exe
[2015/09/24 07:37:35 | 000,034,714 | ---- | M] () MD5=AAC15357800388ED5C21BDD3DE43768D -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_de9ef92a9327e7b0\autochk.exe
[2013/05/15 03:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\WINDOWS\SysNative\autochk.exe
[2013/05/15 03:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_3b0749404b4e5a16\autochk.exe

< MD5 for: CDROM.SYS >
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_cf04adb457be1724\cdrom.sys
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.2.9200.16384_none_b87303472d8ba041\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2015/09/16 18:02:55 | 000,010,405 | ---- | M] () MD5=5040E4389A7F4ADB269D0DCE68D0556C -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20774_none_cf5db3323da8ff2e\cryptsvc.dll
[2013/07/13 07:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\WINDOWS\SysNative\cryptsvc.dll
[2013/07/13 07:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16666_none_cee0e6e724817621\cryptsvc.dll
[2015/09/16 18:02:54 | 000,001,071 | ---- | M] () MD5=9ED5ABD1D815FE9695DD5D3BE2D808E6 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16595_none_cebf74f3249ab376\cryptsvc.dll
[2015/09/16 18:02:55 | 000,010,481 | ---- | M] () MD5=AFFEC292FA5400D29050B96907FF26B6 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20699_none_cf4d12e63db4b89c\cryptsvc.dll
[2015/09/16 18:02:53 | 000,010,706 | ---- | M] () MD5=F5839521990EC1C1747C5E752382864A -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16384_none_cec940c9249383e0\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2013/06/01 12:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\explorer.exe
[2013/06/01 12:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1\explorer.exe
[2015/09/16 18:09:52 | 000,221,955 | ---- | M] () MD5=1A71C842F54F84C0F3EAC33F7CB184D3 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2015/09/16 18:09:59 | 000,217,360 | ---- | M] () MD5=680BBD7ED1F97BBB4969309E4EBD7785 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9\explorer.exe
[2015/09/16 18:09:57 | 000,220,321 | ---- | M] () MD5=77F1A62E3F7F7A0A1E242878E805CA12 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2015/09/20 08:49:18 | 000,191,929 | ---- | M] () MD5=7B6607130DE0BF101220A4FC85F2C5FC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2015/01/28 00:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\$Windows.~BT\Sources\Panther\066C0E28-8F6C-4EE1-A5F2-1F01A5AAB3B7\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe
[2015/01/28 00:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\$Windows.~BT\Sources\Panther\6799E0BC-CF16-4316-A32B-A60DC15628D8\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe
[2015/09/20 08:49:10 | 000,193,351 | ---- | M] () MD5=A3E6078B88C2A4EED2D7BAE3355C482C -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2015/01/28 00:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\$Windows.~BT\Sources\Panther\066C0E28-8F6C-4EE1-A5F2-1F01A5AAB3B7\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe
[2015/01/28 00:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\$Windows.~BT\Sources\Panther\6799E0BC-CF16-4316-A32B-A60DC15628D8\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe
[2015/09/20 08:49:14 | 000,191,911 | ---- | M] () MD5=E24D3934C3767C7069C0E4C57FA3B4CF -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2015/09/20 08:49:21 | 000,190,101 | ---- | M] () MD5=E7438FD838D07897B5D6FC79DE495F7E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4\explorer.exe
[2013/06/01 11:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\SysWOW64\explorer.exe
[2013/06/01 11:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdc\explorer.exe
[2015/09/16 18:09:54 | 000,220,310 | ---- | M] () MD5=F678DF9E05B499428DBDF1023CC850CA -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe

< MD5 for: HAL.DLL >
[2015/09/16 18:13:03 | 000,002,020 | ---- | M] () MD5=25F202409EB1206BF3FE78062B1E5E9C -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20544_none_04a77869fc6b9a79\hal.dll
[2015/09/16 18:13:01 | 000,001,298 | ---- | M] () MD5=444793A763E6B44A536ED240E431AE4B -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16420_none_042f7a4ee3415d71\hal.dll
[2015/09/16 18:13:00 | 000,011,988 | ---- | M] () MD5=4C5148B10982B551EF932E181D006DC0 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16384_none_03f29a08e36e6d4c\hal.dll
[2015/09/16 18:13:02 | 000,001,310 | ---- | M] () MD5=B2D2BB32B23568606A5C17440276F49D -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20521_none_04ba1763fc5e1692\hal.dll
[2013/04/21 10:29:17 | 000,396,008 | ---- | M] (Microsoft Corporation) MD5=F021625F422966AD31F95CC494F7D188 -- C:\WINDOWS\SysNative\hal.dll
[2013/04/21 10:29:17 | 000,396,008 | ---- | M] (Microsoft Corporation) MD5=F021625F422966AD31F95CC494F7D188 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16442_none_041bdb0ae34fc801\hal.dll

< MD5 for: IASTORV.SYS >
[2012/07/26 06:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2012/07/26 06:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_819876bbe5c3b25f\iaStorV.sys
[2012/07/26 06:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.2.9200.16384_none_07daf9dd118c3086\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2012/07/26 06:00:52 | 000,022,256 | ---- | M] (Microsoft Corporation) MD5=D940C5BB9DC92E588533C19ABCC3D2C2 -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2012/07/26 06:00:52 | 000,022,256 | ---- | M] (Microsoft Corporation) MD5=D940C5BB9DC92E588533C19ABCC3D2C2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_81a4c6c9cc9d86a0\isapnp.sys
[2012/07/26 06:00:52 | 000,022,256 | ---- | M] (Microsoft Corporation) MD5=D940C5BB9DC92E588533C19ABCC3D2C2 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_12dc94a048750f71\isapnp.sys

< MD5 for: LSASS.EXE >
[2015/09/16 18:32:11 | 000,004,225 | ---- | M] () MD5=15CF7DCFA30118C6BE89EE4FD6DF50B6 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.21548_none_96ee11c3350c4940\lsass.exe
[2015/09/16 18:32:06 | 000,004,225 | ---- | M] () MD5=3526C9635A2FDAD7F6ED883ED4FAD2EB -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.20521_none_96fcc65d3502465c\lsass.exe
[2015/09/16 18:32:01 | 000,004,224 | ---- | M] () MD5=3D74754C7EF09034FCDD9ED9F5FBFDD2 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16420_none_967229481be58d3b\lsass.exe
[2015/09/16 18:32:04 | 000,000,496 | ---- | M] () MD5=5285F72512415D1B79F6537C7734E6DB -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.17422_none_967413141be3d98a\lsass.exe
[2015/09/16 18:32:03 | 000,000,496 | ---- | M] () MD5=534D3898700F3B483BB31179A4EC0001 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.17362_none_9648d17e1c044c27\lsass.exe
[2015/09/16 18:32:02 | 000,000,496 | ---- | M] () MD5=56FFAA1B2E2331E1BB5C4CB299E794C9 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16865_none_964bf2a21c01704e\lsass.exe
[2015/09/16 18:32:05 | 000,000,496 | ---- | M] () MD5=5FE9B0DEA600B4B8A5448761C8678E48 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.17438_none_966f44e41be68d85\lsass.exe
[2015/09/16 18:32:09 | 000,004,225 | ---- | M] () MD5=6C88CCA1C1405B10ACD378DF05BFC6FD -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.21526_none_9701b10734fddeb0\lsass.exe
[2015/09/16 18:32:09 | 000,004,225 | ---- | M] () MD5=87455A4A4401051BE9611E22520724E6 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.21531_none_96f1dfa9350a7bee\lsass.exe
[2015/09/16 18:32:12 | 000,004,225 | ---- | M] () MD5=BB33699C66451532AC774BE8E2248C38 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.21561_none_96d16fe53522cfc1\lsass.exe
[2015/09/16 18:32:08 | 000,004,225 | ---- | M] () MD5=C48C6F55435F97FF1880456D4FA4A4C7 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.21474_none_96c99ef135283a90\lsass.exe
[2015/09/16 18:32:07 | 000,004,225 | ---- | M] () MD5=CBB600D0934E4C3EDFF1D310115C8920 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.20985_none_96bfef95352f47fa\lsass.exe
[2014/03/11 01:39:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=F1DA34D64F2BA200D28A7451804E2FEE -- C:\WINDOWS\SysNative\lsass.exe
[2014/03/11 01:39:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=F1DA34D64F2BA200D28A7451804E2FEE -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.17450_none_9651a2bc1bfdfaaf\lsass.exe
[2015/09/16 18:32:00 | 000,004,946 | ---- | M] () MD5=F74C5BF59E68BA69E7D8393DDC204B6C -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16384_none_963549021c129d16\lsass.exe

Ardenlax
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 29 srp 2015 18:26

Re: Avast - Vytížení

#32 Příspěvek od Ardenlax »

< MD5 for: NDIS.SYS >
[2015/09/16 19:28:33 | 000,126,382 | ---- | M] () MD5=03E9A96A8AF1B863660D1E5282E2922D -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20623_none_b2e8a56ecabe1acf\ndis.sys
[2015/09/16 19:28:31 | 000,132,461 | ---- | M] () MD5=0B9DF98AEEEF834642BF925F34703374 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20534_none_b2ded3e6cac552f0\ndis.sys
[2015/09/16 19:28:30 | 000,132,461 | ---- | M] () MD5=0E17F948BA894418B7F3427C5B9B2872 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20521_none_b2e6a2f4cabfeafa\ndis.sys
[2015/09/16 19:28:34 | 000,123,250 | ---- | M] () MD5=2166049EB31AF4B9DD5B2D0C707046A8 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20733_none_b2ddd768cac633e7\ndis.sys
[2015/09/16 19:28:29 | 000,051,156 | ---- | M] () MD5=2317F143AC19DADA807E7548E8DF9ABC -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16628_none_b2640bfbb19bf6df\ndis.sys
[2015/09/16 19:28:24 | 000,132,457 | ---- | M] () MD5=303D2F37969B2899423EADC0DABE19B5 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16420_none_b25c05dfb1a331d9\ndis.sys
[2015/09/16 19:28:35 | 000,123,394 | ---- | M] () MD5=6FE6207FC51BE38AED4E743639759714 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20750_none_b2c536b2cad91fc4\ndis.sys
[2015/07/14 22:59:47 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=97DC5967F65503213FD1F1B3E4A6F983 -- C:\$Windows.~BT\Sources\Panther\193A075B-BFF2-4814-AA4B-7FBAA21E648F\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17933_none_4a48e22dfbdb75b0\ndis.sys
[2015/07/14 22:59:47 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=97DC5967F65503213FD1F1B3E4A6F983 -- C:\$Windows.~BT\Sources\Panther\9D7D2B8F-157F-4C6E-B163-0074565F0767\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17933_none_4a48e22dfbdb75b0\ndis.sys
[2013/06/16 23:41:31 | 000,997,632 | ---- | M] (Microsoft Corporation) MD5=A10E176F3B2BF83EDE7B5C4658C93B66 -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2013/06/16 23:41:31 | 000,997,632 | ---- | M] (Microsoft Corporation) MD5=A10E176F3B2BF83EDE7B5C4658C93B66 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16643_none_b2496ab1b1b0b00e\ndis.sys
[2015/09/16 19:28:26 | 000,132,458 | ---- | M] () MD5=AFA0BCD8D133D85E4D92DB88B1642357 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16433_none_b25436d1b1a899cf\ndis.sys
[2015/09/16 19:28:27 | 000,126,379 | ---- | M] () MD5=D3315FAEB12F5497869F823F62A46909 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16518_none_b26eda01b193ddc7\ndis.sys
[2015/09/16 19:28:23 | 000,132,490 | ---- | M] () MD5=D7AA0824A4D65A5762BA790F491DBC70 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16384_none_b21f2599b1d041b4\ndis.sys

< MD5 for: NETLOGON.DLL >
[2012/07/26 04:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\SysWOW64\netlogon.dll
[2012/07/26 04:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_60d608f9f61ee049\netlogon.dll
[2012/07/26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\WINDOWS\SysNative\netlogon.dll
[2012/07/26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_56815ea7c1be1e4e\netlogon.dll

< MD5 for: NVRAID.SYS >
[2012/07/26 06:00:55 | 000,150,256 | ---- | M] (NVIDIA Corporation) MD5=D6D34118263412D3AAA8348A9572B7F2 -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2012/07/26 06:00:55 | 000,150,256 | ---- | M] (NVIDIA Corporation) MD5=D6D34118263412D3AAA8348A9572B7F2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2012/07/26 06:00:55 | 000,150,256 | ---- | M] (NVIDIA Corporation) MD5=D6D34118263412D3AAA8348A9572B7F2 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.2.9200.16384_none_92a46a8c48c2da5e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2012/07/26 06:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2012/07/26 06:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2012/07/26 06:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.2.9200.16384_none_92a46a8c48c2da5e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2012/07/26 04:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\WINDOWS\SysNative\scecli.dll
[2012/07/26 04:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_90d789c062dfa509\scecli.dll
[2012/07/26 04:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\SysWOW64\scecli.dll
[2012/07/26 04:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_9b2c341297406704\scecli.dll

< MD5 for: SMSS.EXE >
[2012/07/26 06:26:45 | 000,132,096 | ---- | M] (Microsoft Corporation) MD5=08F850FEBDBDE7C89017B6B0CA0D1CD2 -- C:\WINDOWS\SysNative\smss.exe
[2012/07/26 06:26:45 | 000,132,096 | ---- | M] (Microsoft Corporation) MD5=08F850FEBDBDE7C89017B6B0CA0D1CD2 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.2.9200.16384_none_d72a7da7728fa356\smss.exe

< MD5 for: SVCHOST.EXE >
[2015/09/17 18:09:42 | 000,002,873 | ---- | M] () MD5=8477BA8147A916CD6D15BD391B0AE7E1 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe
[2015/09/26 11:15:24 | 000,003,208 | ---- | M] () MD5=978C2413DE5FBBDED7781055950C8A95 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
[2015/09/17 18:09:42 | 000,000,609 | ---- | M] () MD5=A2CE160551E774EF727DD8E09CC987E0 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_0f4c7e60a8019d22\svchost.exe
[2013/04/21 10:05:01 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\SysWOW64\svchost.exe
[2013/04/21 10:05:01 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cb\svchost.exe
[2015/09/26 11:15:26 | 000,000,583 | ---- | M] () MD5=D286D7C495D6D730CB8DE9182615B016 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42bec\svchost.exe
[2013/04/21 10:04:56 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\WINDOWS\SysNative\svchost.exe
[2013/04/21 10:04:56 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_0ec1e14b8ee4e401\svchost.exe

< MD5 for: TCPIP.SYS >
[2015/09/19 08:56:10 | 000,373,281 | ---- | M] () MD5=1530CBF74714FDAD1DBE945FE36EF2D8 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16518_none_0c376e1eefee1300\tcpip.sys
[2015/09/19 08:57:01 | 000,373,271 | ---- | M] () MD5=208BC757A1042BE9F85F94DABD0FD937 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20623_none_0cb1398c09185008\tcpip.sys
[2015/09/19 08:55:56 | 000,374,509 | ---- | M] () MD5=24E19C1AAA8EFA578EB28F50D11DD3DF -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16384_none_0be7b9b6f02a76ed\tcpip.sys
[2014/09/13 07:24:47 | 002,233,152 | ---- | M] (Microsoft Corporation) MD5=2AE9136724568DB4F08BC04F131CFC54 -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014/09/13 07:24:47 | 002,233,152 | ---- | M] (Microsoft Corporation) MD5=2AE9136724568DB4F08BC04F131CFC54 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.17121_none_0c257dcceffca295\tcpip.sys
[2015/09/19 08:56:14 | 000,262,902 | ---- | M] () MD5=606383CE9DE8046D90BB4C26FC73EFBC -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16548_none_0c16fe5af00666d3\tcpip.sys
[2015/09/19 08:57:36 | 000,362,676 | ---- | M] () MD5=622989BAA70924BAADEF3C328718A109 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.21237_none_0caa4c68091cf65a\tcpip.sys
[2015/06/11 21:12:57 | 002,476,376 | ---- | M] (Microsoft Corporation) MD5=746DDF7D59AB8D721C88D48434597E8D -- C:\$Windows.~BT\Sources\Panther\C97A8BB2-2A68-4B8B-B3D9-A52A6C06E338\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17903_none_a431e60f3a1d5716\tcpip.sys
[2015/09/19 08:57:22 | 000,363,425 | ---- | M] () MD5=7B4CA2BDAC01CFC68FB32B185CEE6214 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20927_none_0cb540660914acd9\tcpip.sys
[2015/09/19 08:56:23 | 000,227,893 | ---- | M] () MD5=8BAF331ACEE432A40B20BDE3804B481C -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16679_none_0bf790c6f01dd124\tcpip.sys
[2015/09/19 08:56:19 | 000,240,541 | ---- | M] () MD5=901657C056B6F8D400118B4E9FDB0825 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16628_none_0c2ca018eff62c18\tcpip.sys
[2015/09/19 08:56:00 | 000,375,362 | ---- | M] () MD5=A11048F4DB4E4136377863B9053DC86C -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16420_none_0c2499fceffd6712\tcpip.sys
[2015/09/19 08:56:36 | 000,224,516 | ---- | M] () MD5=C226AB010C1E4E32ED10827C762DA40D -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16808_none_0c4243bcefe5ee84\tcpip.sys
[2015/09/19 08:56:50 | 000,375,356 | ---- | M] () MD5=C69B5941B23351D21B42AC6B33F3D340 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20521_none_0caf3712091a2033\tcpip.sys
[2015/09/19 08:57:15 | 000,362,353 | ---- | M] () MD5=C7CAF0AD2D533A595DBB6EBADA2DDB0A -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20787_none_0c745d1209455a31\tcpip.sys
[2015/09/19 08:57:11 | 000,369,688 | ---- | M] () MD5=F5F30BE4B962DCCC31B0AE7AA35FF57C -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20733_none_0ca66b8609206920\tcpip.sys
[2015/09/19 08:57:06 | 000,373,637 | ---- | M] () MD5=FED1C1D82FBC51B848459F1F82BF77E8 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20652_none_0c8fc97e09318a84\tcpip.sys

< MD5 for: USERINIT.EXE >
[2012/07/26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\WINDOWS\SysNative\userinit.exe
[2012/07/26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe
[2012/07/26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\SysWOW64\userinit.exe
[2012/07/26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe

< MD5 for: WINLOGON.EXE >
[2015/09/19 15:37:02 | 000,072,808 | ---- | M] () MD5=070F91FF7EC7D3CEA9D9350AA3251AA8 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21012_none_c95fd5c6779c8076\winlogon.exe
[2015/09/19 15:37:11 | 000,072,808 | ---- | M] () MD5=10B213BDA77FDC83ABC448F5F1C1BE73 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21548_none_c945713c77af5e16\winlogon.exe
[2015/09/19 15:36:50 | 000,082,423 | ---- | M] () MD5=31040D4A4EB0F43E9E3661EFE01BE9CF -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
[2015/09/19 15:36:57 | 000,001,584 | ---- | M] () MD5=31DD544256B653B0FC191FACD7E59582 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17422_none_c8cb728d5e86ee60\winlogon.exe
[2015/09/19 15:37:00 | 000,082,427 | ---- | M] () MD5=3B5912DDB17D0331C0A6C66CDBB78B6A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe
[2015/09/19 15:37:09 | 000,072,808 | ---- | M] () MD5=499C60571E0ECB9BE8890E1BE34D2968 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21526_none_c959108077a0f386\winlogon.exe
[2015/09/19 15:36:59 | 000,082,925 | ---- | M] () MD5=5B3323C10718CD8AD1A05C292E491924 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe
[2015/09/19 15:37:06 | 000,072,808 | ---- | M] () MD5=6050144D72F3A6E244AA8A497D51A321 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21290_none_c907599e77df279e\winlogon.exe
[2015/09/19 15:36:47 | 000,082,933 | ---- | M] () MD5=622405EAA89DF7671FF5C93613EA2C45 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
[2015/09/19 15:37:05 | 000,072,808 | ---- | M] () MD5=6FE128A58550FEC7D98DC347D369C8FE -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21269_none_c930cbfc77beb7da\winlogon.exe
[2014/04/12 10:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\WINDOWS\SysNative\winlogon.exe
[2014/04/12 10:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16891_none_c87ee12f5ec0739b\winlogon.exe
[2014/04/12 10:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17014_none_c8d83b755e7d1081\winlogon.exe
[2014/04/12 10:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17127_none_c8d06e4d5e82759e\winlogon.exe
[2014/04/12 10:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17150_none_c8a8fc835ea11810\winlogon.exe
[2014/04/12 10:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17172_none_c8955d3f5eaf82a0\winlogon.exe
[2014/04/12 10:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17362_none_c8a030f75ea760fd\winlogon.exe
[2014/04/12 10:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17417_none_c8db43eb5e7a5122\winlogon.exe
[2014/04/12 10:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17438_none_c8c6a45d5e89a25b\winlogon.exe
[2014/04/12 10:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17450_none_c8a902355ea10f85\winlogon.exe
[2014/04/12 10:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\Temp\InFlight\71e99cf7722cd10102000000f016b407\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17218_none_c8dc40695e79702b\winlogon.exe
[2015/09/19 15:37:10 | 000,072,808 | ---- | M] () MD5=81040F47254FAA2A1E5E6284CCAE388F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21531_none_c9493f2277ad90c4\winlogon.exe
[2015/09/19 15:36:48 | 000,082,923 | ---- | M] () MD5=9BC624DAECA7817E637F9897DDAC5EC8 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe
[2015/09/19 15:37:03 | 000,072,808 | ---- | M] () MD5=9F5A138115348D0C225B39A07C4F1BB5 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21243_none_c9406a1877b3e7ee\winlogon.exe
[2015/09/19 15:37:08 | 000,072,808 | ---- | M] () MD5=E2C59C958DE9065885DA3C2ED206D080 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21474_none_c920fe6a77cb4f66\winlogon.exe
[2015/09/19 15:37:12 | 000,072,808 | ---- | M] () MD5=E824B8BC1B97B38611EEBE415F96B911 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21561_none_c928cf5e77c5e497\winlogon.exe
[2015/09/19 15:37:03 | 000,072,808 | ---- | M] () MD5=F1C84DF319BBD03F6903C427478FC334 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21133_none_c94b381e77abced6\winlogon.exe

< MD5 for: WS2_32.DLL >
[2012/07/26 06:26:48 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=2E5B349ACDA36C20612795754DB93312 -- C:\WINDOWS\SysNative\ws2_32.dll
[2012/07/26 06:26:48 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=2E5B349ACDA36C20612795754DB93312 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.2.9200.16384_none_4b815827581a3bbb\ws2_32.dll
[2012/07/26 04:20:38 | 000,310,784 | ---- | M] (Microsoft Corporation) MD5=B3CC9EDFD97F7087013A9A47089DF571 -- C:\Windows\SysWOW64\ws2_32.dll
[2012/07/26 04:20:38 | 000,310,784 | ---- | M] (Microsoft Corporation) MD5=B3CC9EDFD97F7087013A9A47089DF571 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.2.9200.16384_none_ef62bca39fbcca85\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[7 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\WinSxS\*.tmp files -> C:\WINDOWS\WinSxS\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2015/09/13 18:25:03 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Adobe
[2015/09/05 08:50:47 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Apple Computer
[2015/09/04 21:24:24 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Atheros
[2015/09/05 18:40:45 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\AVAST Software
[2015/09/06 11:36:01 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Battle.net
[2015/09/04 21:34:43 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\ClassicShell
[2015/10/07 20:39:29 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\DAEMON Tools Lite
[2015/09/19 18:54:42 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Dropbox
[2015/10/13 17:32:00 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Exanima
[2015/10/27 22:16:20 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Fatshark
[2015/09/28 19:37:15 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Guild Wars 2
[2015/09/05 08:50:38 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\IObit
[2015/10/10 21:59:15 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\JpegMini
[2015/09/04 21:23:18 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\lm
[2015/10/02 14:12:26 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\LolClient
[2015/09/04 21:24:59 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Macromedia
[2015/11/10 13:46:00 | 000,000,000 | --SD | M] -- C:\Users\Alexandr\AppData\Roaming\Microsoft
[2015/09/20 17:51:40 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Mount&Blade Warband
[2015/09/20 09:19:05 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Mount&Blade With Fire and Sword
[2015/10/31 10:29:09 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2015/09/20 21:27:13 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\NVIDIA
[2015/09/05 08:51:32 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\ProductData
[2015/12/09 20:49:29 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Riot Games
[2015/12/09 19:52:10 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Skype
[2015/10/07 20:54:10 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Steam
[2015/09/08 19:09:54 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\Sun
[2015/12/04 19:21:21 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\The Creative Assembly
[2015/12/02 22:23:26 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\TS3Client
[2015/12/08 21:11:04 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\uTorrent
[2015/12/05 11:34:55 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\vlc
[2015/09/19 10:08:25 | 000,000,000 | ---D | M] -- C:\Users\Alexandr\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2015/09/05 08:50:21 | 000,588,576 | ---- | M] () -- C:\Users\Alexandr\AppData\Roaming\IObit\IObit Uninstaller\Install_PintoStartMenutemp.exe
[2015/09/05 08:50:21 | 000,933,664 | ---- | M] () -- C:\Users\Alexandr\AppData\Roaming\IObit\IObit Uninstaller\PPUninstallertemp.exe
[2015/09/05 08:50:23 | 000,776,992 | ---- | M] () -- C:\Users\Alexandr\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
[2015/08/12 14:38:20 | 001,720,096 | ---- | M] (IObit) -- C:\Users\Alexandr\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe
[2015/11/10 13:43:06 | 000,786,492 | ---- | M] () -- C:\Users\Alexandr\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
[2015/11/10 13:43:08 | 015,823,872 | ---- | M] () -- C:\Users\Alexandr\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
[2015/11/10 13:43:06 | 000,107,008 | ---- | M] () -- C:\Users\Alexandr\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
[2015/04/25 19:30:00 | 000,294,312 | ---- | M] (emc) -- C:\Users\Alexandr\AppData\Roaming\uTorrent\uninstall.exe
[2015/02/22 20:30:00 | 000,416,168 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Alexandr\AppData\Roaming\uTorrent\utorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015/12/09 20:19:03 | 000,000,018 | ---- | M] () -- C:\WINDOWS\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2015/11/10 03:44:38 | 003,011,152 | ---- | M] (Valve Corporation)
"MK LOL" = "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto -- [2015/11/11 17:10:34 | 001,095,704 | ---- | M] (MKGame)
"DAEMON Tools Lite Automount" = "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun -- [2015/06/18 13:57:42 | 004,468,056 | ---- | M] (Disc Soft Ltd)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2015/08/20 00:08:54 | 008,455,960 | ---- | M] (Piriform Ltd)
"Overwolf" = C:\Program Files (x86)\Overwolf\Overwolf.exe -silent -- [2015/12/01 09:58:22 | 000,045,296 | ---- | M] (Overwolf LTD)
"EvolveClient" = "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun -- [2015/11/12 20:01:28 | 003,334,528 | ---- | M] (Echobit LLC)
"MyComGames" = "C:\Users\Alexandr\AppData\Local\MyComGames\MyComGames.exe" -autostart -- [2015/11/27 21:33:24 | 004,650,952 | ---- | M] (MY.COM B.V.)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2015/12/01 03:21:46 | 050,754,688 | R--- | M] (Skype Technologies S.A.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015/12/09 20:26:06 | 000,000,512 | ---- | M] () MD5=E5225ECA37A3B980EBD6D696C3A33C09 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2015/03/23 17:55:36 | 000,111,452 | ---- | M] () -- \GOG Games\Pillars of Eternity\PillarsOfEternity_Data\assetbundles\prefabs\objectbundle\animat_crackling_bolt.unity3d
[2015/03/23 17:59:01 | 000,204,964 | ---- | M] () -- \GOG Games\Pillars of Eternity\PillarsOfEternity_Data\assetbundles\prefabs\objectbundle\crackling_bolt.unity3d
[2015/03/23 17:52:57 | 000,022,460 | ---- | M] () -- \GOG Games\Pillars of Eternity\PillarsOfEternity_Data\assetbundles\prefabs\objectbundle\quest_item_wurm_egg_cracked.unity3d
[2015/01/14 07:47:06 | 001,490,916 | ---- | M] () -- \GOG Games\Pillars of Eternity\PillarsOfEternity_Data\assetbundles\prefabs\objectbundle\scroll_of_crackling_bolt.unity3d
[2015/03/23 17:50:16 | 000,219,636 | ---- | M] () -- \GOG Games\Pillars of Eternity\PillarsOfEternity_Data\assetbundles\prefabs\objectbundle\scroll_of_crackling_bolt_l3.unity3d
[2015/09/06 17:30:46 | 000,002,748 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Empire Total War\data\ui\Campaign UI\Pips\military-crackdown-repression.tga
[2015/09/10 07:16:03 | 000,001,277 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data-pc\fx\explosion_firecracker.fx
[2015/09/10 07:17:42 | 000,000,649 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data-pc\fx\sparks_firecracker_trail.fx
[2014/10/17 18:37:44 | 000,043,880 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Medieval II Total War\mods\The_Elder_Scrolls\data\settlements\aztec\overlays\cracked_mud_macro.texture
[2014/10/17 18:37:44 | 000,174,952 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Medieval II Total War\mods\The_Elder_Scrolls\data\settlements\aztec\overlays\cracked_mud_micro.texture
[2015/09/19 19:02:21 | 000,083,645 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Mount & Blade With Fire and Sword\Sounds\Fire_Small_Crackle_Slick_op.ogg
[2015/09/05 21:54:59 | 000,083,645 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\MountBlade Warband\Sounds\Fire_Small_Crackle_Slick_op.ogg
[2015/12/02 06:04:55 | 001,085,311 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\SMITE\BattleGame\CookedPC\Characters\NPCs\NPC_Ward_Firecracker.upk
[2015/09/22 18:30:03 | 000,051,632 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\SMITE\BattleGame\CookedPC\Sounds\AUD_NPC_Ward_Firecracker.upk
[2015/09/10 07:13:43 | 000,013,160 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Stronghold Crusader Extreme\gm\cracks.gm1
[2015/09/08 21:24:30 | 000,000,822 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Terraria\Content\Images\TileCracks.xnb
[2010/03/04 18:59:09 | 000,002,748 | ---- | M] () -- \Program Files\Napoleon Total War\data\ui\campaign ui\pips\military-crackdown-repression.tga
[2015/11/10 13:42:14 | 000,001,282 | ---- | M] () -- \Users\Alexandr\AppData\Roaming\Microsoft\Windows\Recent\Setup+crack.lnk

< *keygen* /s >
[2015/03/23 17:52:06 | 000,030,548 | ---- | M] () -- \GOG Games\Pillars of Eternity\PillarsOfEternity_Data\assetbundles\prefabs\objectbundle\keygeneric.unity3d
[2015/11/09 20:48:54 | 000,000,265 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Microsoft Office 2010 Pro Plus x64 & x86 Activator and Keygen.exe.log
[2010/11/06 05:29:17 | 026,690,560 | ---- | M] () -- \Users\Alexandr\Desktop\Microsoft Office 2010 Pro Plus x64 & x86 Activator and Keygen.exe
[1 \Users\Alexandr\Desktop\*.tmp files -> \Users\Alexandr\Desktop\*.tmp -> ]

< *AntiWPA* /s >

< *loader* /s >
[2014/11/07 03:03:35 | 000,716,288 | ---- | M] () -- \$Windows.~BT\Sources\upgloader.dll
[4 \$Windows.~BT\Sources\*.tmp files -> \$Windows.~BT\Sources\*.tmp -> ]
[2013/08/22 20:36:48 | 000,022,528 | ---- | M] () -- \$Windows.~BT\Sources\cs-cz\upgloader.dll.mui
[2014/12/14 01:01:54 | 000,716,288 | ---- | M] () -- \$Windows.~BT\Sources\Panther\411D9B84-F74E-4985-B8F4-D61B31871B7C\amd64_microsoft-windows-i..sedsetup-media-base_31bf3856ad364e35_6.3.9600.17557_none_873cfefefcdd916b\upgloader.dll
[2015/04/23 17:05:34 | 000,716,288 | ---- | M] () -- \$Windows.~BT\Sources\Panther\7ACC0B25-628D-4EC0-BE6A-BF5FAD36F9D5\amd64_microsoft-windows-i..sedsetup-media-base_31bf3856ad364e35_6.3.9600.17813_none_87644338fcc0b3c0\upgloader.dll
[2013/08/22 05:36:46 | 000,004,656 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7.manifest
[2014/02/23 08:48:30 | 000,004,659 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759.manifest
[2013/08/22 05:28:38 | 000,020,992 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\setup\sources\en-us\upgloader.dll.mui
[2015/10/26 21:11:14 | 000,000,404 | ---- | M] () -- \PBE\RADS\projects\lol_air_client\releases\0.0.3.234\deploy\assets\htmlTemplates\events\bwRewards\img\loader-squares.gif
[2015/10/26 21:11:14 | 000,050,167 | ---- | M] () -- \PBE\RADS\projects\lol_air_client\releases\0.0.3.234\deploy\assets\htmlTemplates\events\bwRewards\img\loader.gif
[2015/10/26 21:44:27 | 000,000,404 | ---- | M] () -- \PBE\RADS\projects\lol_air_client\releases\0.0.3.234\deploy\assets\storeImages\layout\small_loader.gif
[2013/02/20 00:04:28 | 001,592,904 | ---- | M] () -- \Program Files (x86)\Acer\Acer Cloud\BT\Win32\SmBIOSWmiLoader.dll
[2013/02/20 00:04:28 | 002,169,416 | ---- | M] () -- \Program Files (x86)\Acer\Acer Cloud\BT\x64\SmBIOSWmiLoader.dll
[2013/01/30 04:31:12 | 000,010,776 | ---- | M] () -- \Program Files (x86)\Acer\clear.fi SDK21\Movie\mm\MediaCtrl\ImageLoader.kc
[2013/01/30 04:31:15 | 000,003,505 | ---- | M] () -- \Program Files (x86)\Acer\clear.fi SDK21\Movie\widget\langloader.kc
[2013/01/30 04:31:15 | 000,012,808 | ---- | M] () -- \Program Files (x86)\Acer\clear.fi SDK21\Movie\widget\layoutloader.kc
[2013/02/06 03:36:41 | 000,126,528 | ---- | M] () -- \Program Files (x86)\Acer\clear.fi SDK21\Video\koan\pyloader.dll
[2010/03/24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010/03/24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2007/10/12 15:19:58 | 000,052,232 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\8.0\AddinLoader.dll
[2007/10/12 15:20:18 | 000,129,024 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\8.0\VSTOLoader.dll
[2007/10/12 15:20:14 | 000,017,416 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\8.0\1033\VSTOLoaderUI.dll
[2008/07/29 22:23:46 | 000,211,456 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\9.0\VSTOLoader.dll
[2008/06/17 17:39:56 | 000,018,952 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\9.0\1033\VSTOLoaderUI.dll
[2013/12/20 00:37:56 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013/12/20 00:37:56 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013/12/20 00:37:44 | 000,073,536 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013/12/20 00:37:44 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2015/08/19 14:51:46 | 000,001,657 | ---- | M] () -- \Program Files (x86)\Overwolf\0.88.101.0\Licenses\TextureLoader.txt
[2015/10/28 13:52:40 | 000,001,657 | ---- | M] () -- \Program Files (x86)\Overwolf\0.90.119.0\Licenses\TextureLoader.txt
[2015/11/16 10:24:44 | 000,001,657 | ---- | M] () -- \Program Files (x86)\Overwolf\0.90.220.0\Licenses\TextureLoader.txt
[2015/12/01 09:56:58 | 000,001,657 | ---- | M] () -- \Program Files (x86)\Overwolf\0.91.22.0\Licenses\TextureLoader.txt
[2014/12/10 02:28:04 | 000,001,701 | ---- | M] () -- \Program Files (x86)\Steam\friends\broadcastuploaderrornotification.res
[2014/11/11 19:48:42 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2015/09/10 07:19:40 | 000,000,863 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\0_1_preloader.lua
[2015/09/10 07:27:02 | 000,000,863 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\1_1_preloader.lua
[2015/09/10 07:19:14 | 000,000,863 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\1_2_preloader.lua
[2015/09/10 07:16:48 | 000,000,863 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\1_3_preloader.lua
[2015/09/10 07:16:48 | 000,000,863 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\1_4_preloader.lua
[2015/09/10 07:25:31 | 000,000,932 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\2_1_preloader.lua
[2015/09/10 07:27:02 | 000,000,863 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\2_2_preloader.lua
[2015/09/10 07:26:43 | 000,000,932 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\2_3_preloader.lua
[2015/09/10 07:19:14 | 000,000,932 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\2_4_preloader.lua
[2015/09/10 07:19:14 | 000,000,863 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\3_1_preloader.lua
[2015/09/10 07:20:02 | 000,000,863 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\3_2_preloader.lua
[2015/09/10 07:25:31 | 000,000,865 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\3_dlc_preloader.lua
[2015/09/10 07:20:02 | 000,000,863 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\4_1_preloader.lua
[2015/09/10 07:25:31 | 000,000,900 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\data\attributes\4_2_preloader.lua
[2015/09/05 21:56:47 | 000,039,424 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mbw_workshop_uploader.exe
[2015/10/18 10:40:58 | 000,041,984 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\MountBlade Warband\Modules\cRPG\WSE\WSELoader.exe
[2015/10/18 10:41:01 | 000,039,936 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\MountBlade Warband\Modules\cRPG\WSE\WSELoaderServer.exe
[2015/10/05 20:46:30 | 000,065,344 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\QUBE Directors Cut\Binaries\Win32\PhysXLoader.dll
[2015/09/22 18:27:23 | 000,051,712 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\PhysXLoader.dll
[2008/05/27 09:43:24 | 000,001,666 | ---- | M] () -- \Program Files (x86)\Zaklínač rozšířená edice\System\Scripts\CSkinLoader.luc
[2015/09/05 18:35:52 | 000,072,440 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2015/09/05 18:35:53 | 000,085,336 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2015/09/20 15:57:41 | 000,105,424 | ---- | M] () -- \Program Files\AVAST Software\Avast\ng\aswSfLoader.exe
[2010/03/24 20:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/03/24 20:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2015/11/07 12:47:55 | 000,021,591 | ---- | M] () -- \Program Files\Echobit\Evolve\Apps\evolve-core\libraries\vendor\jsclass\loader-browser.js
[2015/11/07 12:47:55 | 000,025,332 | ---- | M] () -- \Program Files\Echobit\Evolve\Apps\evolve-core\libraries\vendor\jsclass\loader.js
[2013/02/06 18:39:28 | 000,003,282 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-100.png
[2013/02/06 18:39:28 | 000,003,471 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-140.png
[2013/02/06 18:39:28 | 000,003,303 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-100.png
[2013/02/06 18:39:28 | 000,003,447 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-140.png
[2013/02/06 18:39:28 | 000,003,290 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-100.png
[2013/02/06 18:39:28 | 000,003,450 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-140.png
[2013/02/06 18:39:28 | 000,003,307 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-100.png
[2013/02/06 18:39:28 | 000,003,478 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-140.png
[2013/02/06 18:39:28 | 000,003,272 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-100.png
[2013/02/06 18:39:28 | 000,003,456 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-140.png
[2013/02/06 18:39:28 | 000,003,303 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-100.png
[2013/02/06 18:39:28 | 000,003,458 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-140.png
[2013/02/06 18:39:28 | 000,003,286 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-100.png
[2013/02/06 18:39:28 | 000,003,469 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-140.png
[2013/02/06 18:39:28 | 000,003,298 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-100.png
[2013/02/06 18:39:28 | 000,003,456 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_1.0.0.3009_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-140.png
[2013/01/27 16:03:36 | 000,001,849 | ---- | M] () -- \Program Files\WindowsApps\esobiIncorporated.newsXpressoMetro_2.0.1.141_neutral__sngswjb5h6fyg\Assets\Web\lib\galleria\classic-loader.gif
[2013/04/02 20:45:43 | 000,032,157 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe\shell\js\backgroundImageLoader.js
[2013/04/02 05:42:54 | 000,002,089 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2013/04/02 05:42:56 | 000,001,326 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2013/04/02 05:42:56 | 000,001,208 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2013/04/02 05:42:56 | 000,002,552 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2013/04/02 05:42:58 | 000,001,915 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2013/04/02 05:42:58 | 000,005,019 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2013/04/02 05:42:12 | 000,053,532 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.2.143.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/04/02 05:42:34 | 000,053,532 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.2.150.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/04/02 05:43:08 | 000,053,532 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.2.150.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2015/02/15 13:01:07 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Ace32Loader.exe
[2015/09/05 08:50:30 | 000,001,498 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\ASCInstaller_Downloader.log
[2015/12/09 20:18:30 | 000,456,710 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader.log
[2015/12/03 13:26:06 | 000,003,605 | ---- | M] () -- \Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.45_0\img\loader.gif
[2015/11/21 14:03:41 | 000,002,250 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\AppDownloader.exe.log
[2015/10/07 18:27:06 | 000,021,956 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GPX0MLHI\loader_30fps[1].gif
[2015/11/06 18:15:18 | 000,021,956 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GPX0MLHI\loader_30fps[2].gif
[2015/09/20 17:31:02 | 000,001,980 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P7689LVD\AdLoader[1].htm
[2015/11/13 17:32:26 | 000,001,980 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P7689LVD\AdLoader[2].htm
[2015/09/27 15:21:49 | 000,000,353 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC2JW4N6\queryLoader[1].css
[2015/10/02 19:38:49 | 000,000,353 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC2JW4N6\queryLoader[2].css
[2015/11/20 15:06:12 | 000,019,121 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2YVHHF8\AdLoader-288a31a04e1398b1a794975bf93ce9a4.min[1].js
[2015/10/16 18:48:49 | 000,001,980 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2YVHHF8\AdLoader[1].htm
[2015/11/19 18:03:57 | 000,001,980 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2YVHHF8\AdLoader[2].htm
[2015/11/11 17:49:53 | 000,000,353 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2YVHHF8\queryLoader[2].css
[2015/09/20 17:40:47 | 000,012,811 | ---- | M] () -- \Users\Alexandr\AppData\Local\Overwolf\InstallerCache\preloader_3337.gif
[2015/11/21 23:45:35 | 005,461,488 | ---- | M] () -- \Users\Alexandr\Desktop\Hry\ArmwarMycomLoader_en.exe
[2015/11/07 21:19:36 | 000,003,026 | ---- | M] () -- \Users\Alexandr\Downloads\World of Warcraft 3.3.5a (no install)\Data\enUS\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2015/11/07 21:19:35 | 000,004,261 | ---- | M] () -- \Users\Alexandr\Downloads\World of Warcraft 3.3.5a (no install)\Data\enUS\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2015/09/05 08:50:30 | 000,001,498 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\ASCInstaller_Downloader.log
[2015/12/09 20:18:30 | 000,456,710 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader.log
[2008/06/17 17:39:56 | 000,205,312 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\05835BF8A6427053A8ED000690F3EF6A\9.0.21022\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2015/11/21 12:29:52 | 000,211,016 | ---- | M] () -- \Windows\Prefetch\APPDOWNLOADER.EXE-3ECB2B26.pf
[2012/07/26 03:46:24 | 000,003,072 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:46:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:46:36 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2012/07/26 04:18:20 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012/07/26 03:46:24 | 000,003,072 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:46:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:46:36 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2012/07/26 04:18:20 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1 \Windows\WinSxS\*.tmp files -> \Windows\WinSxS\*.tmp -> ]
[2012/07/26 05:53:16 | 001,084,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16384_none_891afac5ef497dae\hvloader.efi
[2012/07/26 05:53:16 | 000,998,128 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16384_none_891afac5ef497dae\hvloader.exe
[2013/04/21 10:26:28 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16433_none_89500bfdef21d5c9\hvloader.efi
[2013/04/21 10:26:28 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16433_none_89500bfdef21d5c9\hvloader.exe
[2013/03/02 11:39:39 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16548_none_894a3f69ef256d94\hvloader.efi
[2013/03/02 11:39:39 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16548_none_894a3f69ef256d94\hvloader.exe
[2013/03/02 11:39:39 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16579_none_892acfefef3cdabe\hvloader.efi
[2013/04/09 06:24:49 | 000,998,152 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16579_none_892acfefef3cdabe\hvloader.exe
[2013/06/01 13:02:14 | 001,084,160 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16628_none_895fe127ef1532d9\hvloader.efi
[2013/06/01 13:02:14 | 000,998,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16628_none_895fe127ef1532d9\hvloader.exe
[2013/04/21 10:26:28 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20534_none_89daa913083e8eea\hvloader.efi
[2013/04/21 10:26:28 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20534_none_89daa913083e8eea\hvloader.exe
[2013/03/02 11:22:17 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20652_none_89c30a8d08509145\hvloader.efi
[2013/03/02 11:22:17 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20652_none_89c30a8d08509145\hvloader.exe
[2013/03/02 11:22:17 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20683_none_89a39b130867fe6f\hvloader.efi
[2013/04/09 01:24:11 | 000,998,152 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20683_none_89a39b130867fe6f\hvloader.exe
[2013/06/01 13:49:37 | 001,084,160 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20733_none_89d9ac95083f6fe1\hvloader.efi
[2013/06/01 13:49:37 | 000,998,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20733_none_89d9ac95083f6fe1\hvloader.exe
[2012/07/26 04:05:30 | 000,047,616 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_9ebdc35619670551\dmloader.dll
[2012/07/26 03:35:54 | 000,003,072 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:35:54 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:35:58 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-stringloader-l1-1-0.dll
[2013/07/15 20:43:27 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c.manifest
[2013/07/15 20:43:27 | 000,030,448 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winload.efi.mui_35ee487d
[2013/07/15 20:43:27 | 000,030,448 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winload.exe.mui_3bc5b827
[2013/07/15 20:43:27 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winresume.efi.mui_f412814e
[2013/07/15 20:43:27 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winresume.exe.mui_ff8b5358
[2012/07/26 08:49:21 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a.manifest
[2012/07/26 08:49:21 | 000,029,936 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winload.efi.mui_35ee487d
[2012/07/26 08:49:21 | 000,029,936 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winload.exe.mui_3bc5b827
[2012/07/26 08:49:21 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winresume.efi.mui_f412814e
[2012/07/26 08:49:21 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winresume.exe.mui_ff8b5358
[2015/09/05 14:57:53 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.17026_none_b4332538f638c373.manifest
[2015/09/05 14:57:53 | 001,403,896 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.17026_none_b4332538f638c373_winload.efi_75834aa0
[2015/09/05 14:57:53 | 001,271,664 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.17026_none_b4332538f638c373_winload.exe_75835076
[2015/09/05 14:57:53 | 001,217,352 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.17026_none_b4332538f638c373_winresume.efi_85cd069f
[2015/09/05 14:57:53 | 001,093,904 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.17026_none_b4332538f638c373_winresume.exe_85cd1215
[2012/07/26 09:11:35 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013/07/15 20:39:44 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c.manifest
[2012/07/26 08:47:51 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a.manifest
[2012/07/26 06:00:58 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16384_none_b3f06196f66b163f.manifest
[2013/04/21 10:04:04 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16420_none_b42d41dcf63e0664.manifest
[2013/04/21 10:26:01 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16433_none_b42572cef6436e5a.manifest
[2013/04/09 07:04:17 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16579_none_b40036c0f65e734f.manifest
[2013/06/01 12:31:54 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a.manifest
[2014/06/12 05:40:55 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.17026_none_b4332538f638c373.manifest
[2013/04/21 10:04:04 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20521_none_b4b7def20f5abf85.manifest
[2013/04/21 10:26:01 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20534_none_b4b00fe40f60277b.manifest
[2013/04/09 01:53:04 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20683_none_b47901e40f899700.manifest
[2013/06/01 13:10:50 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20733_none_b4af13660f610872.manifest
[2014/06/12 05:58:41 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.21143_none_b4a4214e0f694f1a.manifest
[2012/07/26 04:18:20 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_429f27d26109941b\dmloader.dll
[2012/07/26 03:46:24 | 000,003,072 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:46:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:46:36 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-stringloader-l1-1-0.dll

Ardenlax
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 29 srp 2015 18:26

Re: Avast - Vytížení

#33 Příspěvek od Ardenlax »

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >
[2015/11/09 20:48:54 | 000,000,265 | ---- | M] () -- \Users\Alexandr\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\Microsoft Office 2010 Pro Plus x64 & x86 Activator and Keygen.exe.log
[2010/11/06 05:29:17 | 026,690,560 | ---- | M] () -- \Users\Alexandr\Desktop\Microsoft Office 2010 Pro Plus x64 & x86 Activator and Keygen.exe
[1 \Users\Alexandr\Desktop\*.tmp files -> \Users\Alexandr\Desktop\*.tmp -> ]

< *serial* /s >
[2013/08/22 06:09:02 | 000,001,154 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.3.9600.16384_en-us_0659b95168cd2142.manifest
[2013/08/22 05:50:00 | 000,001,852 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb.manifest
[2013/08/22 06:08:06 | 000,008,830 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~en-US~6.3.9600.16384.cat
[2013/08/22 05:36:48 | 000,000,781 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~en-US~6.3.9600.16384.mum
[2013/08/22 05:36:48 | 000,000,508 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_en-us_80951863a93f3c56.manifest
[2013/08/22 05:36:48 | 000,000,548 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_en-us_d5f7bfa5c739f91d.manifest
[2013/08/22 05:36:08 | 000,000,232 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb\c_multiportserial.inf_loc
[2013/08/22 05:34:50 | 000,005,120 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_en-us_827f8cf89e9c274e\serialui.dll.mui
[2013/08/22 05:33:54 | 000,010,240 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\amd64_msports.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_f8cacded072dc6f7\serial.sys.mui
[2013/08/21 22:21:08 | 000,005,120 | ---- | M] () -- \$Windows.~BT\Sources\Panther\9842B655-EE9F-4396-8840-442EAA3890C2\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_en-us_2660f174e63eb618\serialui.dll.mui
[2013/08/17 01:06:37 | 000,011,776 | ---- | M] () -- \$Windows.~BT\Sources\sxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b0eacafe7f4d1992\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/08/03 05:44:51 | 000,090,112 | ---- | M] () -- \$Windows.~BT\Sources\sxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_4e32729c2675dfcf\System.RunTime.Serialization.Resources.dll
[2013/08/17 01:06:27 | 000,131,072 | ---- | M] () -- \$Windows.~BT\Sources\sxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_f057a9271ce694b1\system.runtime.serialization.formatters.soap.dll
[2013/08/03 05:47:46 | 000,847,872 | ---- | M] () -- \$Windows.~BT\Sources\sxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7\system.runtime.serialization.dll
[2013/08/03 05:47:44 | 000,847,872 | ---- | M] () -- \$Windows.~BT\Sources\sxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060\system.runtime.serialization.dll
[2013/08/17 01:06:31 | 000,131,072 | ---- | M] () -- \$Windows.~BT\Sources\sxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_63202903e7dbbda6\system.runtime.serialization.formatters.soap.dll
[2013/08/17 01:06:37 | 000,011,776 | ---- | M] () -- \$Windows.~BT\Sources\sxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.16384_cs-cz_1c493f6fe173c69f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/03 05:41:46 | 000,970,752 | ---- | M] () -- \$Windows.~BT\Sources\sxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1\system.runtime.serialization.dll
[2013/08/03 05:44:51 | 000,090,112 | ---- | M] () -- \$Windows.~BT\Sources\sxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b\System.RunTime.Serialization.Resources.dll
[2013/08/03 05:41:46 | 000,970,752 | ---- | M] () -- \$Windows.~BT\Sources\sxs\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24\system.runtime.serialization.dll
[2013/08/17 01:06:37 | 000,011,776 | ---- | M] () -- \$Windows.~BT\Sources\sxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_54cc2f7ac6efa85c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/03 05:41:46 | 000,970,752 | ---- | M] () -- \$Windows.~BT\Sources\sxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966\system.runtime.serialization.dll
[2014/07/10 05:58:04 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2015/09/11 21:13:46 | 000,020,800 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\AutoReporter.XmlSerializers.dll
[2014/07/10 05:58:41 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/07/15 20:43:01 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2015/09/06 11:45:43 | 001,207,296 | ---- | M] () -- \Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.sledujuserialy.cz_0.localstorage
[2015/09/06 11:45:43 | 000,000,000 | ---- | M] () -- \Users\Alexandr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.sledujuserialy.cz_0.localstorage-journal
[2013/07/15 20:43:01 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/06/23 19:32:49 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/07/15 20:43:01 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014/07/10 05:58:04 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2015/11/07 12:44:08 | 000,306,176 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\07a148aef7506693cd919b2bd2d216c5\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2015/11/07 12:44:08 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\07a148aef7506693cd919b2bd2d216c5\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2015/09/06 18:49:53 | 002,803,200 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\78d0c41c620debaa923cfc196824adc1\System.Runtime.Serialization.ni.dll
[2015/09/06 18:49:53 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\78d0c41c620debaa923cfc196824adc1\System.Runtime.Serialization.ni.dll.aux
[2015/11/07 12:44:38 | 000,366,080 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\0a8ab2447240bbee768ba4be2fcaa3f3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2015/11/07 12:44:38 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\0a8ab2447240bbee768ba4be2fcaa3f3\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2015/09/06 10:56:46 | 003,529,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\60fc66a724cb5cf5b8d206c19fb9dbe5\System.Runtime.Serialization.ni.dll
[2015/09/06 10:56:46 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\60fc66a724cb5cf5b8d206c19fb9dbe5\System.Runtime.Serialization.ni.dll.aux
[2012/07/26 09:09:26 | 000,001,032 | ---- | M] () -- \Windows\Inf\c_multiportserial.inf
[2012/07/26 08:21:08 | 000,004,224 | ---- | M] () -- \Windows\Inf\c_multiportserial.PNF
[2012/08/31 01:51:52 | 000,027,808 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/12 03:02:06 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 03:02:06 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2012/07/12 03:02:06 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2014/06/06 05:38:53 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012/07/12 03:02:06 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014/07/24 04:33:01 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/07/12 03:02:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2012/07/12 03:02:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014/06/23 19:32:49 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/07/15 20:43:00 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/07/10 05:58:04 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/24 04:33:01 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2012/07/12 03:02:06 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 03:02:06 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012/07/12 03:02:06 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012/07/12 03:02:06 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012/07/12 03:02:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2012/07/12 03:02:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2012/08/31 01:51:52 | 000,027,808 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 01:51:52 | 000,113,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014/06/23 23:09:47 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/07/15 20:43:00 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014/07/10 05:58:42 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/24 04:33:24 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2012/07/12 03:01:17 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 03:01:17 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012/07/12 03:01:17 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012/07/12 03:01:17 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012/07/12 03:01:20 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2012/07/12 03:01:20 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2012/08/31 01:51:45 | 000,027,808 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 01:51:46 | 000,113,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2012/07/26 04:19:54 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2013/07/15 20:42:49 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2012/07/26 08:48:33 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2012/07/25 21:35:47 | 000,001,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_45188a76c7257c7d\c_multiportserial.inf
[2012/07/26 03:30:01 | 000,076,800 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_b9497ff7bf3c4b05\serial.sys
[2012/07/26 08:48:47 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2012/07/26 04:19:54 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2013/07/15 20:42:49 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2012/07/26 08:48:47 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[1 \Windows\WinSxS\*.tmp files -> \Windows\WinSxS\*.tmp -> ]
[2012/07/26 08:48:33 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.2.9200.16384_en-us_9df633403910846e\c_multiportserial.inf_loc
[2012/07/25 21:35:47 | 000,001,032 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.2.9200.16384_none_f9bc515a3410ee82\c_multiportserial.inf
[2015/09/16 19:27:37 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_18f61258351a4915\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2015/09/16 19:27:53 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_192822b234f5552b\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/07/15 20:43:00 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.17044_cs-cz_1921358e34f9fb7d\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2015/09/16 19:28:01 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_19b2bfc74e120e4c\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2015/09/16 19:28:08 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.21161_cs-cz_199231a34e2a8724\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/07/15 20:42:49 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_a73488f66d6efa73\serialui.dll.mui
[2012/07/26 08:48:47 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.2.9200.16384_en-us_ea8ad452546956d1\serialui.dll.mui
[2012/07/26 04:07:10 | 000,017,920 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.2.9200.16384_none_4dcb48f2a86ef2b0\serialui.dll
[2015/09/19 15:30:20 | 000,000,184 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_b63db9f5dc430f52\System.RunTime.Serialization.Resources.dll
[2015/09/19 15:30:24 | 000,000,184 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_b66fca4fdc1e1b68\System.RunTime.Serialization.Resources.dll
[2013/07/15 20:43:01 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.17044_cs-cz_b668dd2bdc22c1ba\System.RunTime.Serialization.Resources.dll
[2015/09/19 15:30:27 | 000,000,184 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_b6fa6764f53ad489\System.RunTime.Serialization.Resources.dll
[2015/09/19 15:30:30 | 000,000,184 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.21161_cs-cz_b6d9d940f5534d61\System.RunTime.Serialization.Resources.dll
[2013/07/15 20:42:42 | 000,009,728 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_1d7fc9ead6009a1c\serial.sys.mui
[2012/07/26 08:48:33 | 000,010,240 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.2.9200.16384_en-us_60d61546bcfaf67a\serial.sys.mui
[2012/07/26 03:30:01 | 000,076,800 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.2.9200.16384_none_5161581642227a2a\serial.sys
[2015/09/19 15:41:03 | 000,004,892 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_6b79c54ad2b7ba05\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2015/09/19 15:40:52 | 000,004,906 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_6b79c54ad2b7ba05\System.RunTime.Serialization.resources.dll
[2012/08/31 01:51:45 | 000,027,808 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_6babd5a4d292c61b\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 01:51:46 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_6babd5a4d292c61b\System.RunTime.Serialization.resources.dll
[2015/09/19 15:41:52 | 000,002,683 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_6c3672b9ebaf7f3c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2015/09/19 15:41:44 | 000,003,257 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_6c3672b9ebaf7f3c\System.RunTime.Serialization.resources.dll
[2012/07/12 03:01:17 | 000,132,656 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9200.16384_none_d68148ce3ff07e02\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 03:01:17 | 000,022,048 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9200.16384_none_43a8275875494b8e\System.Runtime.Serialization.Primitives.dll
[2012/07/12 03:01:17 | 000,022,024 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_e25d0cd734f43e04\System.Runtime.Serialization.Json.dll
[2012/07/12 03:01:17 | 000,022,016 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_c974e4aa59db7371\System.Runtime.Serialization.Xml.dll
[2012/07/12 03:01:17 | 001,050,096 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_8f14a7bb8fcb8036\System.Runtime.Serialization.dll
[2013/02/23 00:09:26 | 001,050,728 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16543_none_8f10bd138fcf01db\System.Runtime.Serialization.dll
[2014/04/16 19:19:58 | 001,060,608 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.17006_none_8f0c7a2d8fd2e4f4\System.Runtime.Serialization.dll
[2014/07/24 04:33:24 | 001,059,536 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.17061_none_8f12edd18fccfcd9\System.Runtime.Serialization.dll
[2013/02/23 00:13:33 | 001,051,768 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.20647_none_7842bb33a976c865\System.Runtime.Serialization.dll
[2014/04/16 19:18:42 | 001,060,608 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.21126_none_7840d401a97877a8\System.Runtime.Serialization.dll
[2014/07/12 00:18:47 | 001,059,544 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.21180_none_78475e6da97275ec\System.Runtime.Serialization.dll
[2012/07/12 03:01:20 | 000,036,320 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_fed799684e8c8f15\System.Xml.Serialization.dll
[2012/07/12 03:01:20 | 000,022,496 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_ea6130aafff18bc8\System.Xml.XmlSerializer.dll
[2012/07/26 09:23:07 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.16384_none_e04b053008b35686\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/23 23:09:47 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.17044_none_e047065a08b6ed5e\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/23 23:12:30 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.21161_none_c97ba486225c332f\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/06 03:02:29 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16384_none_8fbcf8a56818c79c\System.Runtime.Serialization.dll
[2014/06/28 00:09:02 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.17044_none_8fb8f9cf681c5e74\System.Runtime.Serialization.dll
[2014/07/10 05:58:42 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.17053_none_8fba10e1681b5e2a\System.Runtime.Serialization.dll
[2014/05/24 04:11:24 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.21161_none_78ed97fb81c1a445\System.Runtime.Serialization.dll
[2014/07/10 05:55:18 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.21172_none_78ee817d81c0d73d\System.Runtime.Serialization.dll
[2012/07/06 03:02:29 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_ca94056fbc10c235\System.Runtime.Serialization.dll
[2014/06/28 00:09:01 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.17044_none_ca900699bc14590d\System.Runtime.Serialization.dll
[2014/07/10 05:58:41 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.17053_none_ca911dabbc1358c3\System.Runtime.Serialization.dll
[2014/05/24 04:11:24 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.21161_none_b3c4a4c5d5b99ede\System.Runtime.Serialization.dll
[2014/07/10 05:55:18 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.21172_none_b3c58e47d5b8d1d6\System.Runtime.Serialization.dll
[2013/07/15 20:38:15 | 000,001,131 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.2.9200.16384_cs-cz_2b0eb54f379ff467.manifest
[2012/07/26 08:47:22 | 000,001,154 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.2.9200.16384_en-us_6e6500ab1e9a50c5.manifest
[2012/07/26 08:47:36 | 000,001,852 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.2.9200.16384_en-us_9df633403910846e.manifest
[2012/07/26 06:09:43 | 000,001,513 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.2.9200.16384_none_f9bc515a3410ee82.manifest
[2012/07/26 06:26:40 | 000,002,626 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.2.9200.16384_none_6a7f3483366f250c.manifest
[2012/07/26 06:07:04 | 000,009,894 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.2.9200.16384_none_8ede5994e2f7c2e3.manifest
[2012/07/26 06:06:54 | 000,000,452 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.2.9200.16384_none_85867a4c903a2d8f.manifest
[2012/07/26 05:48:21 | 000,002,226 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_e25d0cd734f43e04.manifest
[2012/07/26 05:48:33 | 000,002,222 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_c974e4aa59db7371.manifest
[2012/07/26 05:48:19 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_8f14a7bb8fcb8036.manifest
[2013/02/25 02:50:28 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16543_none_8f10bd138fcf01db.manifest
[2014/04/16 19:56:21 | 000,002,450 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.17006_none_8f0c7a2d8fd2e4f4.manifest
[2014/07/24 14:22:14 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.17061_none_8f12edd18fccfcd9.manifest
[2013/02/25 02:20:05 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.20647_none_7842bb33a976c865.manifest
[2014/04/16 19:46:51 | 000,002,450 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.21126_none_7840d401a97877a8.manifest
[2014/07/24 14:37:35 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.21180_none_78475e6da97275ec.manifest
[2012/07/26 05:48:28 | 000,002,190 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_fed799684e8c8f15.manifest
[2012/07/26 05:48:22 | 000,002,190 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_ea6130aafff18bc8.manifest
[2012/07/26 05:48:30 | 000,002,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16384_none_8fbcf8a56818c79c.manifest
[2014/06/28 10:32:06 | 000,002,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.17044_none_8fb8f9cf681c5e74.manifest
[2014/07/12 08:43:06 | 000,002,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.17053_none_8fba10e1681b5e2a.manifest
[2014/06/28 10:13:01 | 000,002,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.21161_none_78ed97fb81c1a445.manifest
[2014/07/12 08:52:13 | 000,002,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.21172_none_78ee817d81c0d73d.manifest
[2012/07/26 05:48:13 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_ca94056fbc10c235.manifest
[2014/06/28 10:31:36 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.17044_none_ca900699bc14590d.manifest
[2014/07/12 08:42:43 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.17053_none_ca911dabbc1358c3.manifest
[2014/06/28 10:12:45 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.21161_none_b3c4a4c5d5b99ede.manifest
[2014/07/12 08:51:45 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.21172_none_b3c58e47d5b8d1d6.manifest
[2012/07/26 04:40:05 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_4133a81e70d69dc1.manifest
[2012/07/26 04:45:32 | 000,002,325 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9200.16384_none_bd2cf9cf998cc8b9.manifest
[2012/07/26 04:43:53 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16384_none_dd235adf680f4fc6.manifest
[2014/06/28 08:39:04 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.17044_none_dd1f5c096812e69e.manifest
[2014/07/12 06:57:01 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.17053_none_dd20731b6811e654.manifest
[2014/06/28 08:20:07 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.21161_none_c653fa3581b82c6f.manifest
[2014/07/12 06:52:27 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.21172_none_c654e3b781b75f67.manifest
[2013/07/15 20:41:26 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16384_cs-cz_04bd693af2668cc0.manifest
[2012/07/26 08:48:06 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16384_en-us_5fd9e3512e11d7d2.manifest
[2012/10/06 08:45:01 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16430_cs-cz_04b8c2c4f26aa7da.manifest
[2013/04/21 10:18:41 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16430_en-us_5fd53cdb2e15f2ec.manifest
[2013/02/25 05:17:13 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16543_cs-cz_04b97e92f26a0e65.manifest
[2013/02/25 02:57:18 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16543_en-us_5fd5f8a92e155977.manifest
[2014/07/24 18:43:14 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.17061_cs-cz_04bbaf50f2680963.manifest
[2014/07/24 14:20:50 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.17061_en-us_5fd829672e135475.manifest
[2012/10/06 08:49:51 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20531_cs-cz_edeb053d0c122181.manifest
[2013/04/21 10:18:41 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20531_en-us_49077f5347bd6c93.manifest
[2013/02/25 07:16:34 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20647_cs-cz_edeb7cb30c11d4ef.manifest
[2013/02/25 02:24:45 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20647_en-us_4907f6c947bd2001.manifest
[2014/07/24 18:49:39 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.21180_cs-cz_edf01fed0c0d8276.manifest
[2014/07/24 14:34:17 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.21180_en-us_490c9a0347b8cd88.manifest
[2013/07/15 20:41:15 | 000,001,643 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16384_cs-cz_6acea198775b6fe0.manifest
[2012/07/26 08:48:06 | 000,000,548 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16384_en-us_c5eb1baeb306baf2.manifest
[2014/06/28 17:34:40 | 000,001,643 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.17044_cs-cz_6acaa2c2775f06b8.manifest
[2014/06/28 10:44:11 | 000,000,548 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.17044_en-us_c5e71cd8b30a51ca.manifest
[2014/07/12 12:48:09 | 000,001,643 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.17053_cs-cz_6acbb9d4775e066e.manifest
[2014/07/12 08:39:40 | 000,000,548 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.17053_en-us_c5e833eab3095180.manifest
[2014/06/28 20:12:50 | 000,001,643 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.21161_cs-cz_53ff40ee91044c89.manifest
[2014/06/28 10:12:42 | 000,000,548 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.21161_en-us_af1bbb04ccaf979b.manifest
[2014/07/12 13:24:36 | 000,001,643 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.21172_cs-cz_54002a7091037f81.manifest
[2014/07/12 09:05:22 | 000,000,548 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.21172_en-us_af1ca486ccaeca93.manifest
[2012/07/26 04:40:13 | 000,002,297 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_ec5267dfb07eac70.manifest
[2012/07/26 04:40:38 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16384_none_a755581c0ac16dd9.manifest
[2013/02/25 01:20:49 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16543_none_a7516d740ac4ef7e.manifest
[2014/04/16 19:55:31 | 000,002,967 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.17006_none_a74d2a8e0ac8d297.manifest
[2014/07/24 12:27:35 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.17061_none_a7539e320ac2ea7c.manifest
[2013/02/25 00:54:09 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.20647_none_90836b94246cb608.manifest
[2014/04/16 19:42:56 | 000,002,967 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.21126_none_90818462246e654b.manifest
[2014/07/24 12:42:54 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.21180_none_90880ece2468638f.manifest
[2012/07/26 04:45:31 | 000,002,018 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16384_none_0d6690798fb650f9.manifest
[2014/06/28 08:39:24 | 000,002,018 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.17044_none_0d6291a38fb9e7d1.manifest
[2014/07/12 06:57:12 | 000,002,018 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.17053_none_0d63a8b58fb8e787.manifest
[2014/06/28 08:20:13 | 000,002,018 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.21161_none_f6972fcfa95f2da2.manifest
[2014/07/12 06:52:38 | 000,002,018 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.21172_none_f6981951a95e609a.manifest
[2012/07/26 04:46:59 | 000,002,382 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9200.16384_none_39f3d82244d5cd7e.manifest
[2012/07/26 04:44:37 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_1c0994e6b8e022d1.manifest
[2012/07/26 04:40:08 | 000,002,299 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_12413c46d08ceb3b.manifest
[2014/06/28 08:38:40 | 000,002,299 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.17044_none_123d3d70d0908213.manifest
[2014/07/12 06:56:41 | 000,002,299 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.17053_none_123e5482d08f81c9.manifest
[2014/06/28 08:19:51 | 000,002,299 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.21161_none_fb71db9cea35c7e4.manifest
[2014/07/12 06:52:07 | 000,002,299 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.21172_none_fb72c51eea34fadc.manifest
[2012/07/12 03:02:06 | 000,132,656 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9200.16384_none_ed024caf4eb39c5b\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/26 09:23:07 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.16384_none_5313850cd3a87f7b\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/23 19:32:49 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.17044_none_530f8636d3ac1653\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/23 23:12:06 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.21161_none_3c442462ed515c24\System.Runtime.Serialization.Formatters.Soap.dll
[2013/07/15 20:43:03 | 000,027,736 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9200.16384_cs-cz_a62b631b484ba554\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 01:51:52 | 000,027,808 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9200.16430_cs-cz_a626bca5484fc06e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 01:52:17 | 000,027,808 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9200.20531_cs-cz_8f58ff1d61f73a15\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/07/15 20:43:01 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.2.9200.16384_cs-cz_0c3c9b78cd408874\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/07/15 20:43:01 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.2.9200.17044_cs-cz_0c389ca2cd441f4c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/07/15 20:43:01 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.2.9200.21161_cs-cz_f56d3acee6e9651d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/12 03:02:06 | 000,022,024 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_4133a81e70d69dc1\System.Runtime.Serialization.Json.dll
[2012/07/12 03:02:06 | 000,022,048 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9200.16384_none_bd2cf9cf998cc8b9\System.Runtime.Serialization.Primitives.dll
[2012/07/06 03:02:29 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16384_none_dd235adf680f4fc6\System.Runtime.Serialization.dll
[2014/06/28 00:08:39 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.17044_none_dd1f5c096812e69e\System.Runtime.Serialization.dll
[2014/07/10 05:58:04 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.17053_none_dd20731b6811e654\System.Runtime.Serialization.dll
[2014/05/24 02:07:25 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.21161_none_c653fa3581b82c6f\System.Runtime.Serialization.dll
[2014/07/10 05:54:45 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.21172_none_c654e3b781b75f67\System.Runtime.Serialization.dll
[2013/07/15 20:43:07 | 000,113,704 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16384_cs-cz_04bd693af2668cc0\System.RunTime.Serialization.resources.dll
[2012/08/31 01:51:52 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16430_cs-cz_04b8c2c4f26aa7da\System.RunTime.Serialization.resources.dll
[2012/08/31 01:51:46 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16543_cs-cz_04b97e92f26a0e65\System.RunTime.Serialization.resources.dll
[2014/06/06 05:38:53 | 000,113,952 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.17061_cs-cz_04bbaf50f2680963\System.RunTime.Serialization.resources.dll
[2012/08/31 01:52:18 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20531_cs-cz_edeb053d0c122181\System.RunTime.Serialization.resources.dll
[2012/08/31 01:52:07 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20647_cs-cz_edeb7cb30c11d4ef\System.RunTime.Serialization.resources.dll
[2014/06/05 02:10:59 | 000,113,952 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.21180_cs-cz_edf01fed0c0d8276\System.RunTime.Serialization.resources.dll
[2013/07/15 20:43:01 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16384_cs-cz_6acea198775b6fe0\System.RunTime.Serialization.Resources.dll
[2013/07/15 20:43:01 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.17044_cs-cz_6acaa2c2775f06b8\System.RunTime.Serialization.Resources.dll
[2013/07/15 20:43:01 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.17053_cs-cz_6acbb9d4775e066e\System.RunTime.Serialization.Resources.dll
[2013/07/15 20:43:01 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.21161_cs-cz_53ff40ee91044c89\System.RunTime.Serialization.Resources.dll
[2013/07/15 20:43:01 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.21172_cs-cz_54002a7091037f81\System.RunTime.Serialization.Resources.dll
[2012/07/12 03:02:06 | 000,022,016 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_ec5267dfb07eac70\System.Runtime.Serialization.Xml.dll
[2012/07/12 03:02:06 | 001,050,096 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16384_none_a755581c0ac16dd9\System.Runtime.Serialization.dll
[2013/02/23 00:11:46 | 001,050,728 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16543_none_a7516d740ac4ef7e\System.Runtime.Serialization.dll
[2014/04/16 19:20:15 | 001,060,608 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.17006_none_a74d2a8e0ac8d297\System.Runtime.Serialization.dll
[2014/07/24 04:33:01 | 001,059,536 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.17061_none_a7539e320ac2ea7c\System.Runtime.Serialization.dll
[2013/02/23 00:13:32 | 001,051,768 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.20647_none_90836b94246cb608\System.Runtime.Serialization.dll
[2014/04/16 19:18:46 | 001,060,608 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.21126_none_90818462246e654b\System.Runtime.Serialization.dll
[2014/07/12 00:18:34 | 001,059,544 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.21180_none_90880ece2468638f\System.Runtime.Serialization.dll
[2012/07/06 03:02:28 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16384_none_0d6690798fb650f9\System.Runtime.Serialization.dll
[2014/06/28 00:08:39 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.17044_none_0d6291a38fb9e7d1\System.Runtime.Serialization.dll
[2014/07/10 05:58:04 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.17053_none_0d63a8b58fb8e787\System.Runtime.Serialization.dll
[2014/05/24 02:07:25 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.21161_none_f6972fcfa95f2da2\System.Runtime.Serialization.dll
[2014/07/10 05:54:45 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.21172_none_f6981951a95e609a\System.Runtime.Serialization.dll
[2012/07/12 03:02:08 | 000,036,320 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9200.16384_none_39f3d82244d5cd7e\System.Xml.Serialization.dll
[2012/07/12 03:02:08 | 000,022,496 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_1c0994e6b8e022d1\System.Xml.XmlSerializer.dll
[2015/09/24 07:28:08 | 000,004,893 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_75ce6f9d07187c00\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2015/09/24 07:27:50 | 000,004,266 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_75ce6f9d07187c00\System.RunTime.Serialization.resources.dll
[2012/08/31 01:51:52 | 000,027,808 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_76007ff706f38816\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 01:51:52 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_76007ff706f38816\System.RunTime.Serialization.resources.dll
[2015/09/24 07:29:31 | 000,002,754 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_768b1d0c20104137\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2015/09/24 07:29:22 | 000,002,384 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_768b1d0c20104137\System.RunTime.Serialization.resources.dll
[2015/09/26 11:10:24 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_bcd776d47cbcd7df\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2015/09/26 11:10:47 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_bd09872e7c97e3f5\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/07/15 20:43:00 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.17044_cs-cz_bd029a0a7c9c8a47\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2015/09/26 11:11:07 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_bd94244395b49d16\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2015/09/26 11:11:26 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.21161_cs-cz_bd73961f95cd15ee\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/07/15 20:42:49 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_4b15ed72b511893d\serialui.dll.mui
[2012/07/26 08:48:47 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.2.9200.16384_en-us_8e6c38ce9c0be59b\serialui.dll.mui
[2012/07/26 04:19:54 | 000,015,360 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.2.9200.16384_none_f1acad6ef011817a\serialui.dll
[2012/07/26 09:23:07 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_12413c46d08ceb3b\System.Runtime.Serialization.dll
[2014/06/28 00:08:39 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.17044_none_123d3d70d0908213\System.Runtime.Serialization.dll
[2014/07/10 05:58:04 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.17053_none_123e5482d08f81c9\System.Runtime.Serialization.dll
[2014/05/24 02:07:25 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.21161_none_fb71db9cea35c7e4\System.Runtime.Serialization.dll
[2014/07/10 05:54:45 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.21172_none_fb72c51eea34fadc\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

Ardenlax
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 29 srp 2015 18:26

Re: Avast - Vytížení

#34 Příspěvek od Ardenlax »

OTL Extras logfile created on: 9. 12. 2015 20:24:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alexandr\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17451)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,82 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 58,39% Memory free
7,32 Gb Paging File | 5,55 Gb Available in Paging File | 75,87% Paging File free
Paging file location(s): c:\pagefile.sys 3584 7168 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 572,61 Gb Total Space | 60,62 Gb Free Space | 10,59% Space Free | Partition Type: NTFS
Drive E: | 341,80 Gb Total Space | 260,13 Gb Free Space | 76,11% Space Free | Partition Type: NTFS

Computer Name: SKOTNICA | User Name: Alexandr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3338900602-571765566-1102821152-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{034B9F54-F4AC-458E-9E12-CA846EDACA0A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{0CC4C0B2-7076-43DF-B18A-298A177EAF60}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{4CCA0F03-FF99-40FB-860F-EC5C9C1AC885}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{507425A3-8E71-4696-802B-0E0375E5EE3F}" = rport=80 | protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{A5E70A6D-82EC-4AE8-8DC4-EA33AC91B4FE}" = rport=80 | protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\remotecrashsender.exe |
"{C15B92AA-C846-474C-A2EC-D1DA287ACC47}" = rport=80 | protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{CBDDFB3F-41CD-429C-865E-0416B37D0E72}" = rport=80 | protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{CD860AEA-DFF0-4F2E-9CEB-68608A46F039}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{D0629B27-57C5-43A0-AA55-C967C8A64C87}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\remotecrashsender.exe |
"{D177D211-9906-4F81-9A96-938733872740}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{010B49E6-BB1F-463A-91AB-1E4FD2C18987}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\guns of icarus online\workshop\workshop.exe |
"{013C8334-9F0F-45DE-8DEC-98B41DFB8150}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{067C8901-71B1-4315-B456-0D446C3B31B7}" = dir=out | name=acer explorer |
"{077978FA-5828-4E46-AFB2-0BDDF731D48B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount & blade with fire and sword\mb_wfas.exe |
"{0A1466EC-C4C2-4A4A-9181-996B3A88F59B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0BB1CA98-4961-491D-8FBF-26E95B998E69}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{0E3957C5-1D93-438A-9465-38ACE7DCD733}" = dir=in | app=c:\program files\echobit\evolve\evolveclient.exe |
"{10EBD510-292D-412F-A4ED-C81E52331A09}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\sdd.exe |
"{122F84B2-58C0-4FEF-A3F8-0F9EDD7E32F4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{130FB22A-38D4-411C-8FD7-0B3B450D1A34}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{14E44824-14CC-4E86-8742-6D3D1F37244C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |
"{19DAEBB0-F60F-4A0F-BA6C-32966A73AA0E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe |
"{1AB969F9-3672-461D-8BDA-08353EFA2D37}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\qube directors cut\binaries\win32\qubegame.exe |
"{1B286B0B-4B69-4895-AD5B-58EE0768C991}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{1BC9995F-BCD2-437A-BC36-DAAA0B1AB33B}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{1C3990BB-A435-4AD8-80BF-A98736B100E8}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\videoplayer.exe |
"{201BC90F-073F-4644-8D9A-C249752E36EB}" = dir=in | name=ebay |
"{20A34563-E99F-49E4-8BE4-29A343AE7D6F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\siryouarebeinghunted\x64\sir.exe |
"{20B1222D-979B-472C-8263-261A378BE50F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\siryouarebeinghunted\launcher\sir.exe |
"{255E321C-F96A-4660-9EE3-A81E93EA0F83}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold crusader extreme\stronghold_crusader_extreme.exe |
"{283D17E5-EAC0-41F8-BB89-79B0762149FF}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{2A7304BA-BB1D-4174-B5DC-2CEEC104D4DC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{2CB7E077-AFAF-4041-AA1B-1095025FB414}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war gold\rometw.exe |
"{2D7A3ABE-C9BD-48CD-AB9B-2FF7C6F76D67}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\virtualdrive.exe |
"{2D928BFB-D908-4D3A-8137-D079B527D676}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\baldur's gate enhanced edition\baldur.exe |
"{2E5BE7DB-A10D-4E61-90DD-97A71F9DB2A4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\goodbye deponia\visionaireconfigurationtool.exe |
"{30E55AEF-4374-4C27-9C43-058BDCBC18E0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{3220B573-3670-4B83-9C68-0038285EEFD9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{32CEAF7A-8823-4737-9BE6-B8C78C192634}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold crusader extreme\stronghold crusader.exe |
"{38079B44-4F79-416D-8815-DA3DDB8E99B1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\floating point\floating point.exe |
"{3A3A5F2D-2F7E-4D9A-B40B-9DF8FB78DC99}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{3A6FB46A-96AF-4881-BBA6-526143518110}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3AA37487-1F1B-461E-8EBF-8E226E7CD58A}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{3D0AA424-FA62-427E-BB53-DA84FF09DE44}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{3D537576-2B13-400F-A2F0-5A791B4DBC67}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medieval ii total war\medieval2.exe |
"{3D71EDA8-2C25-4BE7-A0D9-86EDF95D6E9A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\smite\binaries\win32\hirezbridge.exe |
"{3DFC0400-2869-4D79-B4B2-81F6D1643257}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe |
"{3F701962-E82A-4433-B0F6-757ED0FBC615}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{40A32763-1CB2-4DB3-8946-618B9238F720}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{44DD4373-2FDC-4BBD-9152-CB572DF76F1F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war gold\rometw-bi.exe |
"{4699601E-90D0-429B-93D8-0613459228E0}" = dir=out | name=newsxpresso |
"{487AC175-9BAF-4F8E-88AD-23E0158EF9C4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\baldur's gate enhanced edition\baldur.exe |
"{490C5F3A-7401-4668-8CFD-6E89B982CC67}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{49547932-E9D4-42D7-BD2D-F359F8D15EED}" = dir=out | name=cut the rope |
"{4C812CBC-301D-41E7-BA11-7FE7B59533B9}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{4CBBDBFC-3720-4A79-B378-C9F653B732B5}" = dir=out | name=kindle |
"{4FB3396F-5D38-457F-B279-BFA0D729E8D1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war gold\rometw.exe |
"{50757AFB-B685-416F-B171-50D00C434F6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\robocraft\robocraft.exe |
"{50C358D1-F04D-49AB-9260-F3CACA3A35C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{512A11D7-741C-4324-B53B-4DE95B983988}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\virtualdrive.exe |
"{53002FDE-BA3A-4932-A4BE-4D741E087125}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{5563600F-0AD2-45C2-B50A-5F7ABBAADD8F}" = dir=out | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{57773774-4E8E-488E-A6DF-3850DE94ED66}" = dir=out | name=windows_ie_ac_001 |
"{5792AF1F-DD2C-47FA-AAD3-BEAAE9D0A47D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe |
"{57E4DE59-62F6-4C66-8A08-2304611DB51A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\oddworld abes oddysee\abewin.exe |
"{583CF24E-4BA2-4450-96A1-D86A9791D508}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{59B30370-5A4A-4159-90AE-6077C6A0067B}" = dir=in | name=music maker jam |
"{5C736D49-32E7-4CC2-BACF-E31D1FA3E421}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{5C9BF33D-5EBE-4C12-BDFB-39905795362E}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{5D75E198-2323-4D89-AEF7-3133AC6347A8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\sdd.exe |
"{5F0A0719-7D3C-4138-BFBE-A39BEE998BE9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{5F22ACBE-2464-4225-843A-F536C0803AA8}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{61893764-B4DF-4B1C-ABDB-7FF432DEB1BF}" = dir=out | name=acer crystal eye |
"{62F66E4B-DB1C-4DCD-A6CB-E0353B7D57E8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war alexander\testappa.exe |
"{63CCD62F-5D18-4411-B61A-DD6ABE247F5E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{646761B3-1E44-42E5-AF19-5D7F56B652D5}" = dir=out | name=- games app - |
"{64F41C21-3F3B-4D69-B386-1137B0B2F5FC}" = dir=out | name=@{microsoft.bingnews_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{663E0DC2-DB04-4EDD-9290-420C8E5153B7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{675E6568-25FB-4215-A4FF-8D161ACE8313}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\musicplayer.exe |
"{67F0B25A-599D-44D6-A92E-BA320C0AC188}" = dir=out | name=weatherbug.a |
"{697B097D-A1D0-4104-8D09-13854AA14D29}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{6A7CA69F-030A-4AA7-88F9-DAB4094334C1}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{6E7D51E2-3B91-4914-B4A1-41E61B422E94}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{6E909EDF-56BE-48E5-8534-19C4B88C2A57}" = dir=out | name=shark dash |
"{6F7D0471-A357-43CE-8738-D6541F659725}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{7089F7C4-82FE-4688-8365-BED1FA81F125}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{70900BC1-2654-4D9A-9C99-4B5EA94D1BFB}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{70985F43-BDA8-4D88-91A1-BEDF773879EF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\robocraft\robocraft.exe |
"{7186EDF5-6E49-4C88-BCBC-5B315B0B4DD1}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{7228777D-F34D-4CCE-8AD9-EF63990481BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe |
"{73C5139D-CC63-403F-A692-E95E5317F40E}" = dir=out | name=music maker jam |
"{74F26A2E-FAE7-4DD9-B9F0-C591E64DA63B}" = dir=out | name=@{microsoft.zunevideo_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{7616D68C-7284-40E2-8BFC-F5B341C19FDE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{77CFC9CC-EA57-477D-9819-C069558B4CE8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{7C62F90C-B08E-4A48-A9A5-914220670C14}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\oddworld abes oddysee\abewin.exe |
"{7D3A698D-1E83-413E-98F5-B8975433A66B}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{7E5701F1-BAE8-42E8-A0B5-0FDFAFADB7AD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{7F556A34-7095-4342-86E0-045619EADBA2}" = dir=in | name=newsxpresso |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{820EDF8B-F06B-44B1-9341-5EDE38790824}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{849AA4D0-FAC2-438A-A340-B92CA0F127DC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{852C826D-816A-4AC7-A457-F176B95B330D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super hexagon\superhexagon.exe |
"{8A4D3B3C-D22D-4DFE-871F-4E4EABEA2EFC}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{8CEE768E-0C45-4989-9A77-892929679F88}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{8D9A07FB-DA15-4028-A0A2-14E1737DDAAF}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{8E510E71-E004-4A7D-9EA0-BEEABAF8C778}" = dir=out | name=@{microsoft.zunemusic_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{8EC3E9BA-F5C6-4B25-9226-C147DEC45ACA}" = dir=out | name=@{microsoft.xboxlivegames_1.2.143.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{90BD56DB-9D84-43C8-8D56-A8FF74AAB31E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\siryouarebeinghunted\x86\sir.exe |
"{916D7A9F-A6A0-4B47-B7DC-2FDCA5F7A324}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\siryouarebeinghunted\x64\sir.exe |
"{92A03821-DDDC-4EF6-80B8-A91F53BCA0B4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\siryouarebeinghunted\launcher\sir.exe |
"{92C8CD46-61AD-4B92-8C7D-37D4BB696168}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{9508E6F7-4DC6-430F-A2E2-DD8763517291}" = dir=out | name=zinio |
"{983643DD-28BE-4C3F-A1CF-56BCDA84CBF2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\floating point\floating point.exe |
"{9A6046D3-7013-40B3-BC60-7C370C2ADDA9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{9B5BB1AE-A016-4534-B19B-35161DC7CA64}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\goodbye deponia\visionaireconfigurationtool.exe |
"{9E99CF75-561E-448F-B2B2-1CA152684410}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{9F28734B-8B82-4FE4-8772-0CD277D21599}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{A5291A20-92C2-4159-A84C-6EF1E8DD1E20}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{AA14737A-722B-406A-85D1-3AE55DF67D68}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe |
"{AC4700DD-0B6A-4806-8CAC-B981141FC252}" = dir=out | name=tunein radio |
"{AC5EF172-510F-4BFC-B3BF-F29790ECC22E}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{AD853267-6305-4A99-8D8E-9D6F5ACFB384}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\movie\playmovie.exe |
"{BC964E00-C523-4217-9F83-76A135B9418B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\goodbye deponia\deponia3.exe |
"{BDE8E76C-BB1C-47CD-8C17-51BB91B4B0CC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |
"{BF3C4B07-196B-4D4F-91CF-F088C45E69BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{C1F1F175-8227-477B-9169-2BF94ACB5DD6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{C25528AD-3A7B-450B-A8DF-2B5C7C7385E5}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{C267359A-8567-4379-940B-F384238296FA}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C309C0EC-788A-49B7-B990-A77516FAACFD}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{C3B80287-1646-4AC0-BAD5-22E56C51D754}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war gold\rometw-bi.exe |
"{C5A95E0E-7C63-467E-B5A6-7311ED39FD6B}" = dir=out | name=social jogger |
"{C6BFC867-339B-4ADB-8A69-E693EF55B88C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{C72512CF-B3A7-4DCB-A8F5-D4C3538C2847}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{C7682401-2CD1-4C6D-884F-D4EF7F245441}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\siryouarebeinghunted\x86\sir.exe |
"{C8BB3BFB-37D2-4767-A444-D923D03E280C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount & blade with fire and sword\mb_wfas.exe |
"{C9D1CEEE-B989-4D2C-910B-ED3469F003BB}" = dir=out | name=the treasures of montezuma 3 |
"{C9F7EC3A-5A20-4B6C-9E05-444A903BA6D6}" = dir=in | name=acer explorer |
"{CA67B70A-AA0F-407B-AFAA-83499F17A39C}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{D1C1CD40-02F2-41D8-A771-FE034D25A802}" = dir=out | name=7digital music store |
"{D420B5DF-CB90-46D6-9E8F-89DFEEA1772A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold crusader extreme\stronghold crusader.exe |
"{D8A424BF-B3D4-47FC-B552-83825AE21FC7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{DBCB07B7-FC36-49DC-BA96-EB5DBA900441}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{DD309F3E-A42D-4F72-A38C-DCA11D6FEC49}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold crusader extreme\stronghold_crusader_extreme.exe |
"{DDE59100-CDCA-4A7A-A0C8-F512CCFDEF7B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super hexagon\superhexagon.exe |
"{DDFBCD42-FB69-4DA2-AC2A-0BB1AC14C751}" = dir=in | app=c:\program files\echobit\evolve\evosvc.exe |
"{DEA4D9D5-A73A-4967-871F-4EB65BF8CE8C}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{DEFE3973-E1A4-4155-813D-ED1B031DEDF5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\goodbye deponia\deponia3.exe |
"{E075BFD3-2C97-43EC-89F4-2D9E1440EBD6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe |
"{E12FDB3A-1326-4D00-A1B7-8A32A4B487BD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E165ED73-F645-4335-9CB3-B015F3E094B7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EB53B11A-F5E3-4D30-B0CC-22C578246556}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{ECDBCC37-DF26-4272-98EC-08DDA1768564}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{EF0E4F9E-45CE-4A15-8926-3864D6846D89}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medieval ii total war\medieval2.exe |
"{EF6ADF83-34CB-4C8E-8114-E49B93B861ED}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\guns of icarus online\workshop\workshop.exe |
"{F003B88A-6993-4645-B0E6-4F5D7463E374}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{F0F4FA43-1834-4900-B523-33564F2D49AF}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{F1FAF02B-F1F7-4297-9E91-1BA5DD4B83C1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\smite\binaries\win32\hirezbridge.exe |
"{F30F6B3F-BE7C-48E3-BBC6-77591D8038CB}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{F77CAB3A-F5B8-4025-98C2-BE13158BD43C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\qube directors cut\binaries\win32\qubegame.exe |
"{F821D266-73D9-41EA-806B-A8CC5264ADFB}" = dir=out | name=@{microsoft.bingfinance_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{FC3513C0-C8B9-4920-9081-8826F81531FD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war alexander\testappa.exe |
"{FD386B2C-BE7B-4303-85A9-811122D3FFE0}" = dir=in | app=c:\program files (x86)\dropbox\client\dropbox.exe |
"{FF6F869B-E646-4881-A5E8-EAE100DE5150}" = dir=out | name=ebay |
"TCP Query User{00ABCDB7-2FB1-4F15-9A2D-ADC3DF069E98}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe |
"TCP Query User{274A58C9-51F9-4260-9563-4E882A3E63C1}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\aces.exe |
"TCP Query User{47885563-880D-4216-8CF5-822B8282E00F}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe |
"TCP Query User{54D8D380-64A3-4723-B46A-E370815315BF}C:\users\alexandr\appdata\local\mycomgames\mycomgames.exe" = protocol=6 | dir=in | app=c:\users\alexandr\appdata\local\mycomgames\mycomgames.exe |
"TCP Query User{70C2F041-8431-4ED2-90FB-0F83D7CE37EE}E:\games\blood bowl 2\bloodbowl2_dx_32.exe" = protocol=6 | dir=in | app=e:\games\blood bowl 2\bloodbowl2_dx_32.exe |
"TCP Query User{747CC113-FD75-40F6-8B47-D2DEB9FBF1CD}C:\program files (x86)\r.g. mechanics\a story about my uncle\binaries\win32\asamu-win32-shipping.exe" = protocol=6 | dir=in | app=c:\program files (x86)\r.g. mechanics\a story about my uncle\binaries\win32\asamu-win32-shipping.exe |
"TCP Query User{B9AA45BA-CCAF-44DC-8C8B-A6ADA4EBC69D}C:\users\alexandr\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\alexandr\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{CEA266EE-E2CE-4129-9FB8-6BD0F91465E3}C:\program files (x86)\lsi\lolsummonerinfo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lsi\lolsummonerinfo.exe |
"TCP Query User{DB82EA0A-7096-4F44-901F-DAD80548C2C1}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe |
"TCP Query User{E2907E1C-774D-4EED-9EFA-61FF0FB0A580}E:\games\blood bowl 2\benchmarkdx11.exe" = protocol=6 | dir=in | app=e:\games\blood bowl 2\benchmarkdx11.exe |
"UDP Query User{12448529-2637-45BF-A90F-331ACDDCCA54}C:\program files (x86)\r.g. mechanics\a story about my uncle\binaries\win32\asamu-win32-shipping.exe" = protocol=17 | dir=in | app=c:\program files (x86)\r.g. mechanics\a story about my uncle\binaries\win32\asamu-win32-shipping.exe |
"UDP Query User{18290C74-C68E-429B-82C7-6DF7CDD87853}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe |
"UDP Query User{8C356F9D-259A-4566-919E-C5AB7E8743CA}C:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe |
"UDP Query User{A33ACF7A-B370-4952-A491-B9C8B7AFBFC8}C:\program files (x86)\lsi\lolsummonerinfo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lsi\lolsummonerinfo.exe |
"UDP Query User{BB22310C-8C01-4E07-8F00-C0FB70735AC6}C:\users\alexandr\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\alexandr\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{CEBB21C3-7977-457D-9064-DD2620CE6BFC}E:\games\blood bowl 2\benchmarkdx11.exe" = protocol=17 | dir=in | app=e:\games\blood bowl 2\benchmarkdx11.exe |
"UDP Query User{D3E11454-976A-4650-BB1B-AB2B3E00DA75}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe |
"UDP Query User{F009E70C-3D18-4959-B58E-F364A9FA1559}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\aces.exe |
"UDP Query User{F26FE0AF-00A3-4220-ADE7-0996CF0B1AA8}E:\games\blood bowl 2\bloodbowl2_dx_32.exe" = protocol=17 | dir=in | app=e:\games\blood bowl 2\bloodbowl2_dx_32.exe |
"UDP Query User{F9A145FB-EA43-4E55-A6B3-502A0443089C}C:\users\alexandr\appdata\local\mycomgames\mycomgames.exe" = protocol=17 | dir=in | app=c:\users\alexandr\appdata\local\mycomgames\mycomgames.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{670B1B49-9FD3-4827-9B41-471EFF580AA8}" = Evolve
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.14.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.14.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}" = paint.net
"{E289B7DD-6732-4333-A47A-75A145D23EE3}" = Classic Shell
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F0A7DF2F-0BE0-470F-B137-D7A19F977189}" = Broadcom Card Reader Driver Installer
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Elantech" = ETDWare PS/2-X64 11.6.16.003_WHQL
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 5.21 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{099218A5-A723-43DC-8DB5-6173656A1E94}" = Dropbox Update Helper
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FCC073B-CC01-4443-AD20-E559F66E6E83}" = Office Addin 2003
"{26A24AE4-039D-4CA4-87B4-2F83218060F0}" = Java 8 Update 60
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WiFi Driver Installation
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth (tm) II
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" = clear.fi SDK- Movie 2
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}" = Nero BackItUp 12 Essentials OEM.a01
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6B84E528-9705-4D36-9C97-97B8E23DAB75}" = League of Legends
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74d0e5db-b326-4dae-a6b2-445b9de1836e}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1FDC62A-32EC-4AA3-BBB6-80A7977CCAE2}_is1" = MicMute version 0.1.7.2
"{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026
"{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}" = Nero RescueAgent
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud Portal
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-0804-1033-1959-001824161310}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = AcerCloud Docs
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}" = Nero BackItUp
"{e46eca4f-393b-40df-9f49-076faf788d83}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" = clear.fi SDK - Video 2
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.16
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"1207666813_is1" = Pillars of Eternity
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avast" = Avast Free Antivirus
"Battle.net" = Battle.net
"DarthMod Empire8.0 Platinum" = DarthMod Empire
"DarthMod Empire8.0.1 Platinum" = DarthMod Empire
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Hearthstone" = Hearthstone
"Heroes of the Storm" = Heroes of the Storm
"League of Legends 3.0.1" = League of Legends
"Life Is Strange Episode 5_is1" = Life Is Strange Episode 5
"LManager" = Launch Manager
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"NARA" = Norton Online Backup ARA
"OpenAL" = OpenAL
"Overwolf" = Overwolf
"RadioController" = Dritek Radio Controller
"Revo Uninstaller" = Revo Uninstaller 1.95
"Spotify" = Spotify
"Steam" = Steam
"Steam App 10500" = Empire: Total War
"Steam App 105600" = Terraria
"Steam App 11020" = TrackMania Nations Forever
"Steam App 15700" = Oddworld: Abe's Oddysee
"Steam App 16700" = Stronghold Crusader Extreme HD
"Steam App 204300" = Awesomenauts
"Steam App 209080" = Guns of Icarus Online
"Steam App 214560" = Mark of the Ninja
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 221640" = Super Hexagon
"Steam App 222880" = Insurgency
"Steam App 228280" = Baldur's Gate: Enhanced Edition
"Steam App 230410" = Warframe
"Steam App 236390" = War Thunder
"Steam App 236850" = Europa Universalis IV
"Steam App 239430" = Q.U.B.E: Director's Cut
"Steam App 241910" = Goodbye Deponia
"Steam App 242880" = Sir, You Are Being Hunted
"Steam App 301520" = Robocraft
"Steam App 302380" = Floating Point
"Steam App 386360" = SMITE
"Steam App 40970" = Stronghold Crusader HD
"Steam App 4700" = Medieval II: Total War
"Steam App 4760" = Rome: Total War
"Steam App 4770" = Rome: Total War - Alexander
"Steam App 48700" = Mount & Blade: Warband
"Steam App 48720" = Mount & Blade: With Fire and Sword
"Steam App 730" = Counter-Strike: Global Offensive
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VLC media player" = VLC media player

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3338900602-571765566-1102821152-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Armored Warfare MyCom Beta" = Armored Warfare MyCom Beta
"MK LOL" = MK LOL
"MyComGames" = My.com Game Center
"Third Age - Total War 3.0 (Part 1of2)" = Third Age - Total War 3.0 (Part 1of2)
"Third Age - Total War 3.0 (Part 2of2)" = Third Age - Total War 3.0 (Part 2of2)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7. 11. 2015 14:55:34 | Computer Name = Skotnica | Source = Application Error | ID = 1000
Description = Název chybující aplikace: rads_user_kernel.exe, verze: 0.0.0.0, časové
razítko: 0x4e65c1ac Název chybujícího modulu: rads_user_kernel.exe, verze: 0.0.0.0,
časové razítko: 0x4e65c1ac Kód výjimky: 0xc0000005 Posun chyby: 0x000b8554 ID chybujícího
procesu: 0x1440 Čas spuštění chybující aplikace: 0x01d1198de02eb883 Cesta k chybující
aplikaci: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe Cesta
k chybujícímu modulu: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
ID
zprávy: 1ffc6139-8581-11e5-be85-208984c9bb53 Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 7. 11. 2015 15:56:22 | Computer Name = Skotnica | Source = Application Hang | ID = 1002
Description = Program Wow.exe verze 3.3.5.12340 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
484 Čas spuštění: 01d11996503b54e7 Čas ukončení: 12 Cesta k aplikaci: C:\Users\Alexandr\Downloads\Wrath
of the Lich King 3.3.5a\Wow.exe ID hlášení: 97ef5503-8589-11e5-be85-208984c9bb53

Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

Error - 9. 11. 2015 15:18:30 | Computer Name = Skotnica | Source = Application Error | ID = 1000
Description = Název chybující aplikace: rads_user_kernel.exe, verze: 0.0.0.0, časové
razítko: 0x4e65c1ac Název chybujícího modulu: rads_user_kernel.exe, verze: 0.0.0.0,
časové razítko: 0x4e65c1ac Kód výjimky: 0xc0000005 Posun chyby: 0x000b8554 ID chybujícího
procesu: 0xe68 Čas spuštění chybující aplikace: 0x01d11b2361c4cf81 Cesta k chybující
aplikaci: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe Cesta
k chybujícímu modulu: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
ID
zprávy: a8bb8e14-8716-11e5-be85-208984c9bb53 Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 11. 11. 2015 13:49:23 | Computer Name = Skotnica | Source = Application Hang | ID = 1002
Description = Program taskmgr.exe verze 6.2.9200.16465 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 978 Čas spuštění: 01d11c9a7dab2042 Čas ukončení: 3 Cesta k aplikaci: C:\WINDOWS\system32\taskmgr.exe

ID
hlášení: 84cdc5dd-889c-11e5-be85-208984c9bb53 Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 11. 11. 2015 14:50:50 | Computer Name = Skotnica | Source = Steam Client Service | ID = 1
Description = Error: Failed to copy new service file to temp location

Error - 12. 11. 2015 15:05:28 | Computer Name = Skotnica | Source = Application Error | ID = 1000
Description = Název chybující aplikace: jucheck.exe, verze: 2.8.60.27, časové razítko:
0x55c116b1 Název chybujícího modulu: jucheck.exe, verze: 2.8.60.27, časové razítko:
0x55c116b1 Kód výjimky: 0x40000015 Posun chyby: 0x00052d24 ID chybujícího procesu:
0x19c0 Čas spuštění chybující aplikace: 0x01d11d7d16d35437 Cesta k chybující aplikaci:
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe ID zprávy:
55a3c5c8-8970-11e5-be85-208984c9bb53 Úplný název chybujícího balíčku: ID aplikace
související s chybujícím balíčkem:

Error - 16. 11. 2015 16:29:19 | Computer Name = Skotnica | Source = Application Error | ID = 1000
Description = Název chybující aplikace: LolClient.exe, verze: 0.0.0.0, časové razítko:
0x515663e0 Název chybujícího modulu: KERNELBASE.dll, verze: 6.2.9200.17366, časové
razítko: 0x554d16f6 Kód výjimky: 0x40010006 Posun chyby: 0x00010192 ID chybujícího
procesu: 0x790 Čas spuštění chybující aplikace: 0x01d120ad090f0bad Cesta k chybující
aplikaci: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.169\deploy\LolClient.exe
Cesta
k chybujícímu modulu: C:\WINDOWS\SYSTEM32\KERNELBASE.dll ID zprávy: b65a4d73-8ca0-11e5-be86-208984c9bb53
Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

Error - 17. 11. 2015 6:23:00 | Computer Name = Skotnica | Source = Desktop Window Manager | ID = 9020
Description = Správce oken plochy zjistil závažnou chybu (0x8898008d).

Error - 18. 11. 2015 16:47:42 | Computer Name = Skotnica | Source = Office Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0xC004C003

Error - 18. 11. 2015 16:47:42 | Computer Name = Skotnica | Source = Office Software Protection Platform Service | ID = 1012
Description = Acquisition of Product Certificate failed. hr=0xC004C003 Sku Id=42cbf3f6-4d5e-49c6-991a-0d99b8429a6d

[ System Events ]
Error - 13. 11. 2015 19:08:09 | Computer Name = Skotnica | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby DsiWMIService bylo dosaženo
časového limitu (30000 ms).

Error - 13. 11. 2015 19:08:39 | Computer Name = Skotnica | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby DsiWMIService bylo dosaženo
časového limitu (30000 ms).

Error - 13. 11. 2015 19:08:40 | Computer Name = Skotnica | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby NlaSvc bylo dosaženo časového
limitu (30000 ms).

Error - 15. 11. 2015 14:07:42 | Computer Name = Skotnica | Source = Tcpip | ID = 4199
Description = Systém zjistil konflikt IP adresy 10.0.0.139 se systémem, jehož síťová
hardwarová adresa je D4-6E-5C-47-67-46. Síťové operace v systému mohou být přerušeny.

Error - 15. 11. 2015 16:00:15 | Computer Name = Skotnica | Source = Tcpip | ID = 4199
Description = Systém zjistil konflikt IP adresy 10.0.0.139 se systémem, jehož síťová
hardwarová adresa je D4-6E-5C-47-67-46. Síťové operace v systému mohou být přerušeny.

Error - 16. 11. 2015 13:03:49 | Computer Name = Skotnica | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu
(30000 ms).

Error - 20. 11. 2015 1:05:30 | Computer Name = Skotnica | Source = Tcpip | ID = 4199
Description = Systém zjistil konflikt IP adresy 10.0.0.139 se systémem, jehož síťová
hardwarová adresa je 24-1F-A0-7A-49-DA. Síťové operace v systému mohou být přerušeny.

Error - 20. 11. 2015 18:13:16 | Computer Name = Skotnica | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Appinfo bylo dosaženo časového
limitu (30000 ms).

Error - 20. 11. 2015 18:14:20 | Computer Name = Skotnica | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =

Error - 20. 11. 2015 18:14:59 | Computer Name = Skotnica | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (23:03:18, ?20. ?11. ?2015) bylo neočekávané.


< End of report >

Ardenlax
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 29 srp 2015 18:26

Re: Avast - Vytížení

#35 Příspěvek od Ardenlax »

Zde jsou logy z OTL. Ty logy z RSIT nastavit z posledního měsíce?

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Avast - Vytížení

#36 Příspěvek od Márty84 »

Ardenlax píše:Ty logy z RSIT nastavit z posledního měsíce?
Nechte tam to, co je prednastavene. S tak dlouhyma pauzama je to stejne o nicem.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Ardenlax
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 29 srp 2015 18:26

Re: Avast - Vytížení

#37 Příspěvek od Ardenlax »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Alexandr at 2015-12-13 13:41:53
Microsoft Windows 8
System drive C: has 57 GB (10%) free of 586 GB
Total RAM: 3911 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:42:03, on 13. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17377)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Alexandr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [EvolveClient] "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun
O4 - HKCU\..\Run: [MyComGames] "C:\Users\Alexandr\AppData\Local\MyComGames\MyComGames.exe" -autostart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B26C385-7A9D-49A9-BFFC-57EDC999C3CF}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B26C385-7A9D-49A9-BFFC-57EDC999C3CF}: NameServer = 8.8.8.8,8.8.4.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll,C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Evolve Service (EvoSvc) - Echobit LLC - C:\Program Files\Echobit\Evolve\EvoSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11899 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
C:\Windows\RfBtnSvc64.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
taskhostex.exe
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
ClassicStartMenu.exe -startup
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\WINDOWS\system32\wuauclt.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\Alexandr\AppData\Local\Steam\htmlcache" -steampid=3480 -buildid=1449778863 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="6920.0.248981677\186768133" --font-cache-shared-handle=1172 /prefetch:673131151
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="6920.1.1103653013\1268192596" --font-cache-shared-handle=1812 /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7916.0.395785871\741140445" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/SuggestFeatureAblation_Control_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7916.2.1234198258\1870723564" --font-cache-shared-handle=2728 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/SuggestFeatureAblation_Control_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7916.23.728483505\1927201" --font-cache-shared-handle=6268 /prefetch:673131151
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/SuggestFeatureAblation_Control_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Default/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7916.55.179617580\606840860" --font-cache-shared-handle=6816 /prefetch:673131151
"C:\Users\Alexandr\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25 66688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-05 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-08 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-05 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-08 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-23 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-23 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-23 441888]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-11-20 2873744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2015-08-09 161728]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-12-10 3013200]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2015-11-11 1095704]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
"Overwolf"=C:\Program Files (x86)\Overwolf\Overwolf.exe [2015-12-01 45296]
"EvolveClient"=C:\Program Files\Echobit\Evolve\EvolveClient.exe [2015-11-12 3334528]
"MyComGames"=C:\Users\Alexandr\AppData\Local\MyComGames\MyComGames.exe [2015-12-10 4688840]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-12-01 50754688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"= []
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2013-07-15 111216]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2012-08-15 2994880]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-06 6133520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-12-08 24952456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2012-10-23 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-13 13:41:53 ----D---- C:\rsit
2015-12-13 13:41:53 ----D---- C:\Program Files\trend micro
2015-12-09 19:58:46 ----SHD---- C:\AI_RecycleBin
2015-12-09 16:59:29 ----RD---- C:\Program Files (x86)\Skype
2015-12-04 18:47:54 ----D---- C:\Program Files\Napoleon Total War
2015-12-04 15:59:09 ----D---- C:\Program Files\Common Files\AV
2015-12-03 21:35:58 ----D---- C:\Program Files\paint.net
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-11-27 21:38:54 ----A---- C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-11-27 21:38:53 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2015-11-27 21:38:53 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-11-27 21:38:53 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2015-11-27 21:38:53 ----A---- C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-11-14 22:42:58 ----D---- C:\Program Files (x86)\R.G. Mechanics

======List of files/folders modified in the last 1 month======

2015-12-13 13:41:53 ----RD---- C:\Program Files
2015-12-13 13:34:26 ----D---- C:\Users\Alexandr\AppData\Roaming\Skype
2015-12-13 13:15:22 ----D---- C:\WINDOWS\Prefetch
2015-12-13 13:06:22 ----D---- C:\Program Files (x86)
2015-12-13 13:00:01 ----D---- C:\WINDOWS\system32\sru
2015-12-13 12:56:53 ----D---- C:\Program Files (x86)\Steam
2015-12-12 19:58:12 ----D---- C:\WINDOWS\Temp
2015-12-12 19:17:01 ----D---- C:\Users\Alexandr\AppData\Roaming\vlc
2015-12-12 14:14:05 ----D---- C:\WINDOWS\Microsoft.NET
2015-12-10 22:04:14 ----SHD---- C:\System Volume Information
2015-12-10 22:00:37 ----D---- C:\Program Files (x86)\Dropbox
2015-12-10 21:05:43 ----D---- C:\Program Files (x86)\Battle.net
2015-12-10 20:23:38 ----D---- C:\WINDOWS\AUInstallAgent
2015-12-10 17:52:11 ----D---- C:\Program Files (x86)\Overwolf
2015-12-10 16:51:13 ----HD---- C:\Program Files\WindowsApps
2015-12-10 16:49:15 ----D---- C:\ProgramData\ProductData
2015-12-09 20:49:29 ----D---- C:\Users\Alexandr\AppData\Roaming\Riot Games
2015-12-09 20:49:22 ----SHD---- C:\WINDOWS\Installer
2015-12-09 20:49:22 ----D---- C:\WINDOWS\Tasks
2015-12-09 20:49:21 ----SHD---- C:\$Recycle.Bin
2015-12-09 20:19:03 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-12-09 20:18:56 ----D---- C:\WINDOWS\system32\config
2015-12-09 17:02:14 ----D---- C:\ProgramData\Skype
2015-12-09 16:59:30 ----D---- C:\Program Files (x86)\Common Files
2015-12-08 21:11:04 ----D---- C:\Users\Alexandr\AppData\Roaming\uTorrent
2015-12-06 16:15:37 ----D---- C:\WINDOWS\LiveKernelReports
2015-12-04 19:21:21 ----D---- C:\Users\Alexandr\AppData\Roaming\The Creative Assembly
2015-12-04 15:59:09 ----D---- C:\WINDOWS\system32\Tasks
2015-12-04 15:59:09 ----D---- C:\Program Files\Common Files
2015-12-03 21:41:19 ----RSD---- C:\WINDOWS\assembly
2015-12-02 22:23:26 ----D---- C:\Users\Alexandr\AppData\Roaming\TS3Client
2015-12-02 21:23:37 ----D---- C:\Program Files\TeamSpeak 3 Client
2015-12-02 06:15:20 ----D---- C:\WINDOWS\WinSxS
2015-12-01 20:55:39 ----D---- C:\WINDOWS\system32\catroot2
2015-12-01 06:59:38 ----D---- C:\WINDOWS\system32\DriverStore
2015-11-28 23:33:50 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-11-27 21:39:57 ----RD---- C:\WINDOWS\System32
2015-11-27 21:39:52 ----D---- C:\ProgramData\Package Cache
2015-11-27 21:39:49 ----D---- C:\WINDOWS\CbsTemp
2015-11-27 21:39:49 ----D---- C:\Windows
2015-11-27 21:39:36 ----D---- C:\WINDOWS\SysWOW64
2015-11-14 12:16:48 ----D---- C:\WINDOWS\Inf
2015-11-14 12:16:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-09-20 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-09-20 274808]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 ngvss;ngvss; C:\WINDOWS\system32\drivers\ngvss.sys [2015-09-20 132656]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-09-05 30496]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-09-20 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-11-06 1059656]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-11-06 449992]
R1 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [2012-05-26 168608]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-09-20 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-09-20 90968]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-09-20 153744]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-09-20 274336]
R3 athr;@oem18.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-01-21 3747840]
R3 b57xdbd;@oem7.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\WINDOWS\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem7.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\WINDOWS\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 BTATH_BUS;@oem13.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-01-25 34384]
R3 dtlitescsibus;@oem26.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-09-10 30264]
R3 ETD;@oem11.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-11-20 331152]
R3 EvolveVirtualAdapter;@oem28.inf,%EvolveVirtualAdapter.Service.DispName%;Evolve Virtual Miniport Driver; C:\WINDOWS\system32\DRIVERS\evolve.sys [2015-11-07 21656]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2012-10-23 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2012-06-02 425472]
R3 MEIx64;@oem8.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-09-05 11273504]
R3 Ps2Kb2Hid;@oem10.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2013-07-15 26736]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 AthBTPort;@oem17.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-01-25 89168]
S3 BCM43XX;@netbc63a.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2012-06-02 5139968]
S3 BTATH_A2DP;@oem16.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-01-25 346192]
S3 btath_avdt;@oem16.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-01-25 115280]
S3 BTATH_HCRP;@oem19.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-01-25 179432]
S3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-01-25 77464]
S3 BTATH_RCP;@oem23.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-01-25 136424]
S3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-01-25 581200]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-04-21 51712]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2013-04-21 74752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2013-03-01 156672]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-25 227456]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-20 146600]
R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-02-20 2615368]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-12-10 350544]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2012-11-20 100752]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2015-09-02 8704]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-29 2909472]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-08-15 3943104]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-29 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2013-07-15 96880]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-09-20 4048280]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-03-15 662088]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-10 836176]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-19 136048]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2012-10-23 277024]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-19 136048]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S3 EvoSvc;Evolve Service; C:\Program Files\Echobit\Evolve\EvoSvc.exe [2015-11-07 1583488]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04 144200]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-12-01 1008880]

-----------------EOF-----------------

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Avast - Vytížení

#38 Příspěvek od Márty84 »

:!: Vypnete antivir, at nebrani programu v praci.
:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
LiveUpdateSvc
NAUpdate
NOBU
gupdate
SkypeUpdate
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}
IE:64bit: - HKLM\..\SearchScopes\{ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}
IE - HKLM\..\SearchScopes\{ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
IE - HKU\S-1-5-21-3338900602-571765566-1102821152-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKU\S-1-5-21-3338900602-571765566-1102821152-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
IE - HKU\S-1-5-21-3338900602-571765566-1102821152-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKU\S-1-5-21-3338900602-571765566-1102821152-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/
IE - HKU\S-1-5-21-3338900602-571765566-1102821152-1002\..\SearchScopes,DefaultScope = {ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\Users\Alexandr\Desktop\*.tmp files -> C:\Users\Alexandr\Desktop\*.tmp -> ]
[2015/09/19 18:53:13 | 000,000,926 | ---- | C] () -- C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
[2015/09/19 18:53:15 | 000,000,930 | ---- | C] () -- C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
[2015/12/02 06:39:54 | 000,000,974 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2015/12/02 06:40:01 | 000,000,978 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[7 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\WinSxS\*.tmp files -> C:\WINDOWS\WinSxS\*.tmp -> ]
[4 \$Windows.~BT\Sources\*.tmp files -> \$Windows.~BT\Sources\*.tmp -> ]

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=-
"DAEMON Tools Lite Automount"=-
"CCleaner Monitoring"=-
"Overwolf"=-
"EvolveClient"=-
"MyComGames"=-
"Skype"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=-
"Norton Online Backup"=-
"SunJavaUpdateSched"=-
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Ardenlax
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 29 srp 2015 18:26

Re: Avast - Vytížení

#39 Příspěvek od Ardenlax »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Alexandr
->Temp folder emptied: 2111603178 bytes
->Temporary Internet Files folder emptied: 144905839 bytes
->Java cache emptied: 7297390 bytes
->Google Chrome cache emptied: 410575220 bytes
->Flash cache emptied: 1625 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19515758 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 193404 bytes
RecycleBin emptied: 31326502750 bytes

Total Files Cleaned = 32 445,00 mb


[EMPTYFLASH]

User: Alexandr
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service LiveUpdateSvc stopped successfully!
Service LiveUpdateSvc deleted successfully!
Service NAUpdate stopped successfully!
Service NAUpdate deleted successfully!
Service NOBU stopped successfully!
Service NOBU deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ADFE554B-F9EB-4A6E-8DFF-109E2A19B116}\ not found.
HKU\S-1-5-21-3338900602-571765566-1102821152-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-3338900602-571765566-1102821152-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-3338900602-571765566-1102821152-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-3338900602-571765566-1102821152-1002\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\ not found.
File C:\Program Files (x86)\McAfee\SiteAdvisor not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com deleted successfully.
File C:\Program Files\McAfee\MSK not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Alexandr\Desktop\~WRL0001.tmp deleted successfully.
C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\Installer\MSI1538.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI28BE.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI319B.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI4831.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIB8B9.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIC995.tmp deleted successfully.
C:\WINDOWS\Installer\MSID6C2.tmp- folder deleted successfully.
C:\WINDOWS\WinSxS\Reserve.tmp deleted successfully.
\$Windows.~BT\Sources\_s_25FA.tmp deleted successfully.
\$Windows.~BT\Sources\_s_72B5.tmp deleted successfully.
\$Windows.~BT\Sources\_s_D4F3.tmp deleted successfully.
\$Windows.~BT\Sources\_s_FECA.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Overwolf deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EvolveClient deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MyComGames deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\LManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Norton Online Backup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 12152015_222232

Files\Folders moved on Reboot...
C:\Users\Alexandr\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\lm\Alexandr\aipflib.log scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\lm\Alexandr\LMutilps32.log scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\lm\dsiwmis.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Avast - Vytížení

#40 Příspěvek od Márty84 »

:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

:arrow: Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak to s pc vypada.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Ardenlax
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 29 srp 2015 18:26

Re: Avast - Vytížení

#41 Příspěvek od Ardenlax »

Vše jsem udělal, jak bylo napsáno. Problém stále přetrvává.

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Avast - Vytížení

#42 Příspěvek od Márty84 »

Ja uz ani nevim, co byl za problem. S takovyma pauzama mezi prispevkama se to fakt neda. Kazdopadne v pocitaci havet neni, nebo aspon predtim nebyla, takze s tim nic moc nenadelam. Bud je chyba v samotnem systemu, nebo zlobi nejaky legitimni program a to na dalku tezko zjistim, bohuzel :42:



20.2. pro neaktivitu :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Zamčeno