Právě je 17 lis 2019 17:20

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina




Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 44 ]  Přejít na stránku Předchozí  1, 2, 3
Autor Zpráva
PříspěvekNapsal: 03 bře 2016 19:02 
Offline
Návštěvník
Návštěvník

Registrován: 20 úno 2016 19:21
Příspěvky: 23
Zde OTL:

OTL logfile created on: 3. 3. 2016 17:51:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pefa\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18205)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

5,89 Gb Total Physical Memory | 4,33 Gb Available Physical Memory | 73,55% Memory free
6,82 Gb Paging File | 5,12 Gb Available in Paging File | 75,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372,60 Gb Total Space | 195,26 Gb Free Space | 52,40% Space Free | Partition Type: NTFS
Drive D: | 537,80 Gb Total Space | 171,89 Gb Free Space | 31,96% Space Free | Partition Type: NTFS

Computer Name: ASUS | User Name: pefa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2016/03/03 17:41:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pefa\Desktop\OTL.exe
PRC - [2013/12/12 15:07:08 | 000,019,256 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
PRC - [2013/11/28 23:14:12 | 000,323,584 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2013/11/09 01:08:52 | 000,227,936 | ---- | M] (WildTangent) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
PRC - [2013/10/23 14:45:30 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/10/23 14:44:48 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2013/10/23 14:44:48 | 000,131,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013/10/07 17:22:26 | 000,055,880 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2013/10/07 15:36:58 | 000,181,360 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
PRC - [2013/09/23 16:59:24 | 000,303,928 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2013/09/09 12:36:34 | 000,406,328 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2013/09/09 11:04:42 | 000,111,416 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2013/08/29 17:11:08 | 019,646,544 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2013/08/29 17:01:56 | 000,602,936 | ---- | M] (ASUS) -- C:\Program Files\ASUS\P4G\InsOnWMI.exe
PRC - [2013/08/29 17:01:56 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files\ASUS\P4G\InsOnSrv.exe
PRC - [2013/05/30 15:17:48 | 000,205,624 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012/05/28 11:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2012/05/24 21:19:04 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2012/04/03 13:33:00 | 000,940,168 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
PRC - [2012/04/03 13:27:16 | 001,087,608 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
PRC - [2012/04/03 13:26:14 | 001,273,448 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
PRC - [2011/11/21 15:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2010/12/08 09:57:56 | 000,241,757 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe
PRC - [2010/02/12 03:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


========== Modules (No Company Name) ==========

MOD - [2016/02/11 21:56:47 | 007,787,008 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\1bc5f5d790d9ef39b06c0d987c5f9e6d\System.Xml.ni.dll
MOD - [2016/02/11 21:56:44 | 001,873,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\cefedeb81dc162ac90922e2f5e376bbd\System.Xaml.ni.dll
MOD - [2016/02/11 21:56:43 | 012,897,280 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2c72c55e30a9e74d325497099eac1210\System.Windows.Forms.ni.dll
MOD - [2016/02/11 21:56:25 | 000,797,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\dc09a52206ddef481cf78d964e063f78\System.Runtime.Remoting.ni.dll
MOD - [2016/02/11 21:56:24 | 001,639,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\f9ac9ac932a0fbdb5d47e459256e6e7c\System.Drawing.ni.dll
MOD - [2016/02/11 21:56:20 | 000,967,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\42468680923ab20df063477bc7b3b2ae\System.Configuration.ni.dll
MOD - [2016/02/11 21:56:19 | 000,463,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\4603735bde239120c963db7954cc5a0d\PresentationFramework.Aero2.ni.dll
MOD - [2016/02/11 21:56:18 | 018,753,024 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\db8223dd901c7c261c1345ee7a9d9ce3\PresentationFramework.ni.dll
MOD - [2016/02/11 21:56:10 | 011,014,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\6bde490a2bddd01567ba127cd025dc30\PresentationCore.ni.dll
MOD - [2016/02/11 21:56:05 | 003,904,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\a9cf5fee58c1f30224efee910c0eec00\WindowsBase.ni.dll
MOD - [2016/02/11 21:56:03 | 006,982,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\148ff30040b5785141fc013491ddb7e3\System.Core.ni.dll
MOD - [2016/02/11 21:55:59 | 010,069,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\ac12146d9e15d339043098cbc5e1762a\System.ni.dll
MOD - [2016/01/14 20:20:49 | 000,188,416 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\c8849d6fd3bee972ec451baea15949ca\UIAutomationTypes.ni.dll
MOD - [2014/04/16 00:34:56 | 017,223,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\d03a3ddcd6a395878751c5e90fa16915\mscorlib.ni.dll
MOD - [2013/10/08 21:41:42 | 000,037,968 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
MOD - [2013/09/09 19:23:06 | 000,162,816 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
MOD - [2012/05/24 21:19:36 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2011/03/09 14:21:48 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll


========== Services (SafeList) ==========

SRV:64bit: - [2015/11/20 11:24:52 | 002,522,616 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV:64bit: - [2015/09/08 19:55:41 | 002,988,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2015/07/22 14:52:08 | 001,633,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015/07/16 19:58:34 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2015/05/30 20:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2015/05/12 14:19:37 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2015/05/07 16:21:51 | 000,522,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2015/02/21 00:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/10/31 05:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/29 04:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/10/29 03:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2014/10/29 03:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2014/10/29 03:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2014/10/29 03:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2014/10/29 03:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2014/10/29 02:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2014/10/29 02:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2014/10/29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2014/10/29 02:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2014/10/29 02:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/10/29 02:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2014/10/29 02:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2014/10/29 02:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2014/10/29 02:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2014/10/29 02:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2014/10/29 02:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/10/29 02:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2014/10/29 02:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/10/29 02:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/10/29 02:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/10/29 02:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2014/10/29 01:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/10/29 01:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/10/29 01:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/09/11 08:49:56 | 000,148,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyCriticalService.exe -- (DptfPolicyCriticalService)
SRV:64bit: - [2013/09/11 08:49:56 | 000,124,880 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyLpmService.exe -- (DptfPolicyLpmService)
SRV:64bit: - [2013/09/11 08:49:56 | 000,116,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyConfigTDPService.exe -- (DptfPolicyConfigTDPService)
SRV:64bit: - [2013/09/11 08:49:54 | 000,115,632 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfParticipantProcessorService.exe -- (DptfParticipantProcessorService)
SRV:64bit: - [2013/09/02 14:31:00 | 000,827,392 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:64bit: - [2013/08/29 17:01:56 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\P4G\InsOnSrv.exe -- (ASUS InstantOn)
SRV:64bit: - [2013/08/22 13:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/08/22 13:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2016/02/29 20:58:26 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/01/09 16:17:33 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2015/09/08 19:55:41 | 002,988,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2015/07/09 12:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/05/07 16:05:40 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/10/29 02:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 02:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/11/28 23:38:34 | 000,318,592 | ---- | M] (Windows (R) Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/11/28 23:14:12 | 000,323,584 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2013/11/09 01:08:52 | 000,227,936 | ---- | M] (WildTangent) [Auto | Running] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2013/10/23 14:45:30 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/10/23 14:44:48 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/10/23 14:44:48 | 000,131,544 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2013/10/11 04:16:16 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/09/09 11:04:42 | 000,111,416 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2013/08/16 09:04:18 | 000,071,680 | ---- | M] (ASUS Cloud Corporation) [Auto | Running] -- C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe -- (Asus WebStorage Windows Service)
SRV - [2011/11/21 15:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/02/12 03:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015/11/20 13:21:22 | 000,263,528 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2015/11/20 13:21:22 | 000,206,312 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2015/11/20 13:21:22 | 000,186,784 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2015/11/20 13:21:22 | 000,142,976 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ekbdflt.sys -- (ekbdflt)
DRV:64bit: - [2015/11/20 13:21:22 | 000,069,840 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2015/11/20 13:21:22 | 000,052,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2015/11/20 13:21:22 | 000,014,976 | ---- | M] (ESET) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\eelam.sys -- (eelam)
DRV:64bit: - [2015/11/12 22:50:10 | 000,026,880 | ---- | M] (Western Digital Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2015/10/11 07:34:30 | 000,468,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2015/09/29 13:24:42 | 000,155,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2015/04/16 07:17:07 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2015/03/20 02:56:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2015/03/13 05:03:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2015/03/09 03:02:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2015/03/04 11:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/11/10 19:06:59 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/10/29 04:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/10/29 04:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/10/29 04:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/10/29 03:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2014/10/29 03:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2014/10/29 03:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/10/29 03:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2014/10/29 03:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2014/10/15 09:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/10/13 03:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/10/13 03:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/10/07 07:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/10/07 07:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2014/08/15 01:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/03/13 13:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/02/22 16:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 13:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/12/13 05:43:32 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/12/13 05:32:42 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/12/12 15:07:14 | 000,070,928 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
DRV:64bit: - [2013/12/04 19:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/28 23:16:18 | 000,597,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/11/28 23:16:18 | 000,338,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/11/28 23:16:18 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/11/28 23:16:18 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/11/28 23:16:18 | 000,116,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/11/28 23:16:18 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/11/28 23:16:18 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/11/28 23:16:18 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/11/13 01:05:22 | 003,880,448 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2013/10/26 02:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/23 14:44:48 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013/10/11 04:16:00 | 004,185,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/10/08 02:47:18 | 000,020,280 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2013/10/07 04:08:18 | 000,449,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/09/26 10:08:22 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/09/26 10:08:22 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/09/11 08:49:54 | 000,494,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfManager.sys -- (DptfManager)
DRV:64bit: - [2013/09/11 08:49:52 | 000,287,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevProc.sys -- (DptfDevProc)
DRV:64bit: - [2013/09/11 08:49:52 | 000,143,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevDram.sys -- (DptfDevDram)
DRV:64bit: - [2013/09/11 08:49:52 | 000,114,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevPch.sys -- (DptfDevPch)
DRV:64bit: - [2013/08/29 17:01:54 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Program Files\ASUS\P4G\PLCTRL.sys -- (plctrl)
DRV:64bit: - [2013/08/22 21:59:34 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/22 13:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/08/22 13:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/15 07:28:42 | 000,830,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/09 03:31:50 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/24 07:53:12 | 000,423,128 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER)
DRV:64bit: - [2013/06/18 16:05:45 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2013/06/18 15:45:58 | 011,518,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2013/06/18 15:45:26 | 000,460,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2013/04/17 17:53:10 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2013/03/26 09:31:52 | 001,558,528 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ksaud.sys -- (ksaud)
DRV:64bit: - [2012/08/06 04:17:18 | 000,017,280 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2011/02/11 22:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV - [2013/07/02 17:45:52 | 000,019,768 | ---- | M] (ASUSTek Computer Inc.) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2002/06/13 15:08:46 | 000,014,604 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
IE - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
IE - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
IE - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\..\SearchScopes\{07A1AF88-D5DC-4C6A-8244-EEFC38E48803}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
IE - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:44.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.73.2: C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2: C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()


[2016/01/09 12:29:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pefa\AppData\Roaming\mozilla\Extensions
[2016/03/01 15:15:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pefa\AppData\Roaming\mozilla\Firefox\Profiles\1xq7dquv.default-1456840856214\extensions

O1 HOSTS File: ([2016/02/25 22:25:12 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Creative SB Monitoring Utility] C:\WINDOWS\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\SysNative\DptfPolicyLpmServiceHelper.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe ()
O4 - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001..\Run: [Power2GoExpress] NA File not found
O4 - Startup: C:\Users\pefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration-Studio 8.lnk = C:\Program Files (x86)\Pinnacle\Studio 8\Register\RegTool.exe (Pinnacle Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: eset.com ([help] http in Trusted sites)
O15 - HKLM\..Trusted Domains: eset.com ([help] http in Trusted sites)
O15 - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 93.153.117.33 93.153.117.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1831E94-A629-4B1D-A820-D39BD5C7C15E}: DhcpNameServer = 192.15.128.24
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC9BFEA0-2936-43F0-B334-4E2AB47AAC07}: DhcpNameServer = 93.153.117.33 93.153.117.1 8.8.8.8
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{26649591-bb57-11e5-8264-54271e50ff48}\Shell - "" = AutoRun
O33 - MountPoints2\{26649591-bb57-11e5-8264-54271e50ff48}\Shell\AutoRun\command - "" = "F:\autorun.exe"
O33 - MountPoints2\{c5c53679-fffc-11e3-825b-54271e50ff48}\Shell - "" = AutoRun
O33 - MountPoints2\{c5c53679-fffc-11e3-825b-54271e50ff48}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.i420 - C:\WINDOWS\SysWow64\vdrcodec.dll (Pinnacle Systems)
Drivers32: VIDC.PIM1 - C:\WINDOWS\SysWow64\pclepim1.dll (Pinnacle Systems)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2016/03/03 17:41:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\pefa\Desktop\OTL.exe
[2016/03/01 14:53:45 | 000,000,000 | ---D | C] -- C:\Users\pefa\AppData\Local\ElevatedDiagnostics
[2016/02/29 20:57:51 | 000,000,000 | ---D | C] -- C:\Users\pefa\AppData\Local\Adobe
[2016/02/29 18:59:01 | 000,049,152 | ---- | C] (Pinnacle Systems) -- C:\WINDOWS\SysWow64\PCLEGetGuid.dll
[2016/02/29 18:59:00 | 000,081,920 | ---- | C] (Pinnacle Systems) -- C:\WINDOWS\SysWow64\vdrmux.dll
[2016/02/29 18:59:00 | 000,046,592 | ---- | C] (Pinnacle Systems) -- C:\WINDOWS\SysWow64\vdrcodec.dll
[2016/02/29 18:59:00 | 000,040,960 | ---- | C] (Pinnacle Systems GmbH) -- C:\WINDOWS\SysWow64\langserv.dll
[2016/02/29 18:58:59 | 000,450,641 | ---- | C] (Pinnacle Systems GmbH) -- C:\WINDOWS\SysWow64\DiskIO.dll
[2016/02/29 18:58:59 | 000,143,360 | ---- | C] (Pinnacle Systems GmbH) -- C:\WINDOWS\SysWow64\RALMain.dll
[2016/02/29 18:58:59 | 000,114,759 | ---- | C] (Pinnacle Systems GmbH) -- C:\WINDOWS\SysWow64\Aviprax.dll
[2016/02/29 18:58:59 | 000,073,728 | ---- | C] (Pinnacle Systems GmbH) -- C:\WINDOWS\SysWow64\MMAviAx.dll
[2016/02/29 18:58:59 | 000,032,838 | ---- | C] (Pinnacle Systems GmbH) -- C:\WINDOWS\SysWow64\Cachex.dll
[2016/02/29 18:58:59 | 000,032,768 | ---- | C] (Pinnacle Systems GmbH) -- C:\WINDOWS\SysWow64\MLPagAx.dll
[2016/02/29 18:58:57 | 000,298,168 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\Ltrio13n.dll
[2016/02/29 18:58:52 | 000,898,736 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\Ltr13n.dll
[2016/02/29 18:58:51 | 000,086,016 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2016/02/29 18:58:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Hollywood FX
[2016/02/29 18:55:18 | 000,014,604 | ---- | C] (Padus, Inc.) -- C:\WINDOWS\SysWow64\drivers\pfc.sys
[2016/02/29 18:54:56 | 000,061,440 | ---- | C] (Pinnacle Systems) -- C:\WINDOWS\SysWow64\pclepim1.dll
[2016/02/29 18:54:56 | 000,060,416 | ---- | C] ( Pinnacle System GmbH) -- C:\WINDOWS\SysWow64\miroDV2Bmp.dll
[2016/02/29 18:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio 8
[2016/02/29 18:54:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle
[2016/02/29 18:54:29 | 000,014,165 | ---- | C] (Pinnacle Systems GmbH) -- C:\WINDOWS\SysWow64\drivers\Pclepci.sys
[2016/02/28 11:19:01 | 000,000,000 | ---D | C] -- C:\Users\pefa\Desktop\Nová složka
[2016/02/28 11:01:30 | 000,000,000 | ---D | C] -- C:\Users\pefa\AppData\Local\Diagnostics
[2016/02/23 18:59:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AntiTwin
[2016/02/23 18:41:35 | 000,000,000 | ---D | C] -- C:\Users\pefa\AppData\Local\MindGems
[2016/02/22 08:35:33 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2016/02/22 08:31:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2016/02/22 08:31:33 | 000,000,000 | ---D | C] -- C:\Users\pefa\AppData\Local\Temp
[2016/02/21 15:13:05 | 000,000,000 | ---D | C] -- C:\Users\pefa\Desktop\thumbs
[2016/02/20 18:57:12 | 020,353,728 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[2016/02/19 22:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
[2016/02/19 22:46:58 | 000,000,000 | ---D | C] -- C:\Users\pefa\AppData\Roaming\Maxthon3
[2016/02/19 22:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Maxthon
[2016/02/18 21:42:05 | 000,000,000 | ---D | C] -- C:\Users\pefa\AppData\Local\ESET
[2016/02/18 21:23:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2016/02/18 21:23:45 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2016/02/18 21:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2016/02/15 18:50:59 | 000,000,000 | ---D | C] -- C:\TEMP
[2016/02/12 08:05:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016/02/11 18:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2016/02/11 00:49:12 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2016/02/11 00:49:11 | 000,898,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2016/02/11 00:49:11 | 000,532,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDec.dll
[2016/02/11 00:49:11 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EncDec.dll
[2016/02/11 00:49:11 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mtxoci.dll
[2016/02/11 00:49:08 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msorcl32.dll
[2016/02/11 00:49:08 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxoci.dll
[2016/02/11 00:49:07 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cfgbkend.dll
[2016/02/11 00:49:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cfgbkend.dll
[2016/02/11 00:49:05 | 007,075,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll
[2016/02/11 00:49:04 | 007,783,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2016/02/11 00:49:04 | 005,267,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll
[2016/02/11 00:49:03 | 005,264,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2016/02/11 00:48:56 | 014,467,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2016/02/11 00:48:55 | 012,879,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2016/02/11 00:48:53 | 002,778,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2016/02/11 00:48:53 | 002,464,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2016/02/11 00:47:22 | 007,453,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016/02/11 00:47:21 | 002,175,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2016/02/11 00:47:21 | 001,737,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2016/02/11 00:47:21 | 001,133,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2016/02/11 00:47:20 | 001,564,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2016/02/11 00:47:20 | 000,548,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2016/02/11 00:47:20 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2016/02/11 00:47:19 | 001,063,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2016/02/11 00:47:19 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2016/02/11 00:47:07 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSync.dll
[2016/02/11 00:47:07 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinSync.dll
[2016/02/11 00:47:06 | 001,362,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2016/02/11 00:47:06 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2016/02/11 00:47:05 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2016/02/11 00:47:05 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2016/02/11 00:47:05 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2016/02/11 00:47:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2016/02/11 00:47:05 | 000,033,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2016/02/11 00:46:56 | 001,442,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2016/02/11 00:46:56 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2016/02/11 00:46:56 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2016/02/11 00:46:55 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2016/02/11 00:46:20 | 006,052,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2016/02/11 00:46:12 | 002,123,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2016/02/11 00:46:12 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2016/02/11 00:46:12 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2016/02/11 00:46:11 | 002,880,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2016/02/11 00:46:11 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2016/02/11 00:46:10 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2016/02/11 00:46:10 | 000,718,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2016/02/11 00:46:10 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2016/02/11 00:46:08 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2016/02/11 00:46:06 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2016/02/11 00:46:06 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2016/02/11 00:45:58 | 002,243,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2016/02/11 00:45:58 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2016/02/11 00:45:58 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2016/02/11 00:45:58 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2016/02/11 00:45:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2016/02/11 00:45:58 | 000,136,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2016/02/11 00:45:58 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2016/02/11 00:45:58 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2016/02/11 00:45:58 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2016/02/11 00:45:58 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2016/02/11 00:45:58 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2016/02/11 00:45:45 | 003,547,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2016/02/11 00:45:45 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2016/02/09 19:37:49 | 000,000,000 | ---D | C] -- C:\Users\pefa\AppData\Roaming\avidemux
[2016/02/09 19:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (32 bits)
[2016/02/09 19:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avidemux 2.6 - 32 bits
[2016/02/09 19:30:50 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2016/02/09 19:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2016/02/09 19:27:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2016/02/09 19:27:21 | 000,000,000 | ---D | C] -- C:\Users\pefa\AppData\Roaming\Seznam.cz
[2016/02/09 19:26:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2016/02/09 19:23:23 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ztvcabinet.dll
[2016/02/09 19:23:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TUGZip
[2016/02/09 19:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TUGZip
[2016/02/09 18:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle

========== Files - Modified Within 30 Days ==========

[2016/03/03 17:57:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/03/03 17:55:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/03/03 17:47:44 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/03/03 17:47:36 | 000,000,074 | ---- | M] () -- C:\Users\pefa\AppData\Roaming\sp_data.sys
[2016/03/03 17:45:41 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/03/03 17:45:39 | 761,069,567 | -HS- | M] () -- C:\hiberfil.sys
[2016/03/03 17:44:09 | 000,165,376 | ---- | M] () -- C:\Users\pefa\Desktop\SystemLook_x64.exe
[2016/03/03 17:41:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pefa\Desktop\OTL.exe
[2016/03/01 14:36:02 | 000,379,624 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/02/29 19:38:40 | 001,745,984 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/02/29 19:38:40 | 000,747,350 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2016/02/29 19:38:40 | 000,729,902 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/02/29 19:38:40 | 000,154,554 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2016/02/29 19:38:40 | 000,138,536 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/02/29 19:03:38 | 000,001,320 | ---- | M] () -- C:\Users\pefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration-Studio 8.lnk
[2016/02/28 23:49:13 | 000,009,728 | ---- | M] () -- C:\Users\pefa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016/02/28 10:51:37 | 000,000,145 | RH-- | M] () -- C:\WINDOWS\ctfile.rfc
[2016/02/27 07:08:20 | 000,027,798 | ---- | M] () -- C:\Users\pefa\Desktop\image002.jpg
[2016/02/27 07:08:20 | 000,014,858 | ---- | M] () -- C:\Users\pefa\Desktop\image001.jpg
[2016/02/26 18:01:02 | 000,009,242 | ---- | M] () -- C:\Users\pefa\Desktop\cc_20160226_180042.reg
[2016/02/25 22:25:12 | 000,000,035 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2016/02/25 22:24:34 | 000,029,696 | ---- | M] () -- C:\Users\pefa\AppData\Local\MSGBOX.EXE
[2016/02/21 14:58:09 | 000,000,761 | ---- | M] () -- C:\Users\pefa\Desktop\AAA-prenos do PC – zástupce.lnk
[2016/02/21 14:58:09 | 000,000,743 | ---- | M] () -- C:\Users\pefa\Desktop\hudba na party – zástupce.lnk
[2016/02/21 14:58:09 | 000,000,689 | ---- | M] () -- C:\Users\pefa\Desktop\programy – zástupce.lnk
[2016/02/21 14:58:09 | 000,000,669 | ---- | M] () -- C:\Users\pefa\Desktop\Render – zástupce.lnk
[2016/02/21 14:11:44 | 000,001,042 | ---- | M] () -- C:\Users\pefa\Desktop\jak se naladit – zástupce.lnk
[2016/02/20 18:57:14 | 020,353,728 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[2016/02/19 22:47:04 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
[2016/02/19 19:14:25 | 000,031,301 | R--- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts.20160219-191425.backup
[2016/02/19 19:14:25 | 000,030,896 | R--- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts.20160219-200548.backup
[2016/02/18 21:23:47 | 000,002,045 | ---- | M] () -- C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
[2016/02/09 19:30:49 | 000,041,472 | ---- | M] () -- C:\Users\pefa\AppData\Local\Yearquadfan.dat
[2016/02/09 19:25:31 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2016/02/07 18:37:10 | 003,001,696 | ---- | M] () -- C:\Users\pefa\Desktop\SIGMA_BC1612_BC1612sts_Montage.pdf
[2016/02/04 21:17:02 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf

========== Files Created - No Company Name ==========

[2016/03/03 17:55:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/03/03 17:44:05 | 000,165,376 | ---- | C] () -- C:\Users\pefa\Desktop\SystemLook_x64.exe
[2016/02/29 20:58:26 | 000,000,914 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/02/29 19:03:38 | 000,001,320 | ---- | C] () -- C:\Users\pefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration-Studio 8.lnk
[2016/02/29 18:54:56 | 000,038,232 | ---- | C] () -- C:\WINDOWS\wmprfsky.prx
[2016/02/29 18:54:56 | 000,037,916 | ---- | C] () -- C:\WINDOWS\wmprffra.prx
[2016/02/29 18:54:56 | 000,037,014 | ---- | C] () -- C:\WINDOWS\wmprfhun.prx
[2016/02/29 18:54:56 | 000,036,594 | ---- | C] () -- C:\WINDOWS\wmprfell.prx
[2016/02/29 18:54:56 | 000,035,916 | ---- | C] () -- C:\WINDOWS\wmprfptg.prx
[2016/02/29 18:54:56 | 000,035,822 | ---- | C] () -- C:\WINDOWS\wmprfplk.prx
[2016/02/29 18:54:56 | 000,035,680 | ---- | C] () -- C:\WINDOWS\wmprfita.prx
[2016/02/29 18:54:56 | 000,035,590 | ---- | C] () -- C:\WINDOWS\wmprfesp.prx
[2016/02/29 18:54:56 | 000,035,474 | ---- | C] () -- C:\WINDOWS\wmprfcsy.prx
[2016/02/29 18:54:56 | 000,035,306 | ---- | C] () -- C:\WINDOWS\wmprfrus.prx
[2016/02/29 18:54:56 | 000,033,820 | ---- | C] () -- C:\WINDOWS\WMPrfDeu.prx
[2016/02/29 18:54:56 | 000,033,694 | ---- | C] () -- C:\WINDOWS\wmprfptb.prx
[2016/02/29 18:54:56 | 000,033,580 | ---- | C] () -- C:\WINDOWS\wmprfslv.prx
[2016/02/29 18:54:56 | 000,033,336 | ---- | C] () -- C:\WINDOWS\WMPrfAra.prx
[2016/02/29 18:54:56 | 000,033,314 | ---- | C] () -- C:\WINDOWS\wmprfsve.prx
[2016/02/29 18:54:56 | 000,032,964 | ---- | C] () -- C:\WINDOWS\wmprfnld.prx
[2016/02/29 18:54:56 | 000,032,852 | ---- | C] () -- C:\WINDOWS\wmprfnor.prx
[2016/02/29 18:54:56 | 000,032,022 | ---- | C] () -- C:\WINDOWS\wmprftrk.prx
[2016/02/29 18:54:56 | 000,031,764 | ---- | C] () -- C:\WINDOWS\wmprffin.prx
[2016/02/29 18:54:56 | 000,031,712 | ---- | C] () -- C:\WINDOWS\wmprfdan.prx
[2016/02/29 18:54:56 | 000,028,718 | ---- | C] () -- C:\WINDOWS\wmprfheb.prx
[2016/02/29 18:54:56 | 000,023,304 | ---- | C] () -- C:\WINDOWS\WMPrfJpn.prx
[2016/02/29 18:54:56 | 000,022,338 | ---- | C] () -- C:\WINDOWS\WMPrfKor.prx
[2016/02/29 18:54:56 | 000,019,492 | ---- | C] () -- C:\WINDOWS\WMPrfCHS.prx
[2016/02/29 18:54:56 | 000,018,804 | ---- | C] () -- C:\WINDOWS\WMPrfCHT.prx
[2016/02/27 07:08:20 | 000,027,798 | ---- | C] () -- C:\Users\pefa\Desktop\image002.jpg
[2016/02/27 07:08:20 | 000,014,858 | ---- | C] () -- C:\Users\pefa\Desktop\image001.jpg
[2016/02/26 18:00:57 | 000,009,242 | ---- | C] () -- C:\Users\pefa\Desktop\cc_20160226_180042.reg
[2016/02/25 22:23:03 | 000,029,696 | ---- | C] () -- C:\Users\pefa\AppData\Local\MSGBOX.EXE
[2016/02/23 18:59:37 | 000,001,039 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Twin.lnk
[2016/02/21 14:58:09 | 000,000,761 | ---- | C] () -- C:\Users\pefa\Desktop\AAA-prenos do PC – zástupce.lnk
[2016/02/21 14:58:09 | 000,000,743 | ---- | C] () -- C:\Users\pefa\Desktop\hudba na party – zástupce.lnk
[2016/02/21 14:58:09 | 000,000,689 | ---- | C] () -- C:\Users\pefa\Desktop\programy – zástupce.lnk
[2016/02/21 14:58:09 | 000,000,669 | ---- | C] () -- C:\Users\pefa\Desktop\Render – zástupce.lnk
[2016/02/21 14:11:44 | 000,001,042 | ---- | C] () -- C:\Users\pefa\Desktop\jak se naladit – zástupce.lnk
[2016/02/19 22:47:04 | 000,001,103 | ---- | C] () -- C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
[2016/02/18 21:23:47 | 000,002,045 | ---- | C] () -- C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
[2016/02/09 19:30:50 | 000,041,472 | ---- | C] () -- C:\Users\pefa\AppData\Local\Yearquadfan.dat
[2016/02/09 19:23:23 | 000,162,304 | ---- | C] () -- C:\WINDOWS\SysWow64\ztvunrar36.dll
[2016/02/09 19:23:23 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\ztvunace26.dll
[2016/02/07 18:36:59 | 003,001,696 | ---- | C] () -- C:\Users\pefa\Desktop\SIGMA_BC1612_BC1612sts_Montage.pdf
[2016/02/04 21:17:02 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2016/01/22 18:24:11 | 000,009,728 | ---- | C] () -- C:\Users\pefa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016/01/10 08:59:36 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2016/01/10 08:58:01 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2016/01/09 18:36:55 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2016/01/09 15:57:49 | 000,002,844 | ---- | C] () -- C:\ProgramData\CfSB1240A.ini
[2016/01/09 15:57:49 | 000,002,844 | ---- | C] () -- C:\ProgramData\CfSB1240.ini
[2016/01/09 14:32:48 | 000,786,504 | ---- | C] () -- C:\WINDOWS\SysWow64\CNQ_412N.DAT
[2016/01/09 14:32:48 | 000,296,064 | ---- | C] () -- C:\WINDOWS\SysWow64\CNQ_412W.DAT
[2016/01/09 11:18:03 | 000,000,074 | ---- | C] () -- C:\Users\pefa\AppData\Roaming\sp_data.sys
[2014/03/20 14:41:56 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/12/12 22:00:53 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2013/12/12 22:00:53 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd

========== ZeroAccess Check ==========

[2016/02/09 19:30:28 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016/01/22 09:01:44 | 022,365,992 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/01/22 08:11:11 | 019,794,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 02:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 01:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 02:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/03/20 14:50:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\WebStorage
[2013/12/12 22:02:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\WildTangent
[2016/02/09 20:06:58 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\avidemux
[2016/01/09 12:12:12 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\awsRun
[2016/01/17 16:13:06 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Canon
[2016/01/09 12:34:02 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\IrfanView
[2016/02/19 22:47:06 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Maxthon3
[2016/01/09 12:26:39 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\OpenOffice
[2016/02/19 07:58:18 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Seznam.cz
[2016/01/09 11:18:42 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\WebStorage

========== Purity Check ==========



========== Custom Scans ==========

< >
[2013/08/22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2016/02/29 20:58:26 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\AGP440.sys
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\AGP440.sys
[2016/01/19 05:14:57 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\AGP440.sys
[2016/01/19 05:14:58 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys

< MD5 for: ATAPI.SYS >
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2016/01/19 05:21:55 | 000,028,249 | ---- | M] () MD5=0CBDE27FB26761852F7B22AFB8C51ACB -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2014/02/22 12:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/02/22 12:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/02/22 13:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\WINDOWS\SysNative\autochk.exe
[2014/02/22 13:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
[2016/01/24 09:33:15 | 000,023,596 | ---- | M] () MD5=83A4C9BE342BC296EC09492FF7594F13 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe

< MD5 for: CDROM.SYS >
[2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2016/01/19 05:29:36 | 000,018,016 | ---- | M] () MD5=14E1348B6D5DD39C23C2F8FE569B52E0 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll
[2014/10/29 02:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\WINDOWS\SysNative\cryptsvc.dll
[2014/10/29 02:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.17415_none_670a944b6e8cc0e5\cryptsvc.dll


Nahoru
 Profil  
 
PříspěvekNapsal: 03 bře 2016 19:04 
Offline
Návštěvník
Návštěvník

Registrován: 20 úno 2016 19:21
Příspěvky: 23
< MD5 for: EXPLORER.EXE >
[2016/01/20 02:47:42 | 000,406,329 | ---- | M] () MD5=025BA45EB718AE0DE32895BE9F020387 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2016/01/24 02:48:47 | 000,346,045 | ---- | M] () MD5=04070828E1AE13385991A06123A9F287 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2016/01/20 02:47:30 | 000,416,660 | ---- | M] () MD5=1411F9B76BFCAB54056F768C5553C696 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4273071d4db37533\explorer.exe
[2016/01/20 02:47:45 | 000,087,190 | ---- | M] () MD5=1BF154F7BFAE2B9E0545FB09946C1817 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_42bfa1f94d79e1bb\explorer.exe
[2016/01/20 02:47:39 | 000,406,497 | ---- | M] () MD5=1F499FDDEBB43C93D9C844D81ACC755C -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2016/01/24 02:48:52 | 000,345,923 | ---- | M] () MD5=2C862CE86A0FA1E02E1518B5E20FC35E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2016/01/20 02:47:33 | 000,402,246 | ---- | M] () MD5=499E919B68D95FA058DAA264A34109AE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2016/01/24 02:48:55 | 000,107,122 | ---- | M] () MD5=52063502D4A2E28FEBEA781D0EE5C453 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_4d144c4b81daa3b6\explorer.exe
[2016/01/20 02:47:35 | 000,403,672 | ---- | M] () MD5=6542E411E0C411494F41E5D1A603F3B6 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2016/01/24 02:48:35 | 000,353,455 | ---- | M] () MD5=82E88B451E1B2113EB6EE3EFB0A208AB -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4cc7b16f8214372e\explorer.exe
[2015/01/28 00:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\SysWOW64\explorer.exe
[2015/01/28 00:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe
[2015/01/28 00:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\explorer.exe
[2015/01/28 00:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe
[2016/01/24 02:48:43 | 000,344,818 | ---- | M] () MD5=C90064856B7A90F7EEF367E47F0BD9D5 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2016/01/24 02:48:39 | 000,346,252 | ---- | M] () MD5=E7F88CCF2AC29DE7F85D7BC594408ADD -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe

< MD5 for: HAL.DLL >
[2014/06/02 03:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\WINDOWS\SysNative\hal.dll
[2014/06/02 03:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2016/01/20 02:52:12 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
[2016/01/20 02:52:10 | 000,067,471 | ---- | M] () MD5=53F3F6C24F3E39723B9482ACCF289CBC -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll
[2016/01/20 02:52:11 | 000,067,142 | ---- | M] () MD5=761F6058154E7D086BA165F8A2FD33B5 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16500_none_9c39d4b32d63f333\hal.dll
[2016/01/20 02:52:10 | 000,068,501 | ---- | M] () MD5=94F68ACBC0E52C0197D391A9822D7FB3 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16384_none_9be752af2da13dc9\hal.dll

< MD5 for: IASTORV.SYS >
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\isapnp.sys
[2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\isapnp.sys
[2016/01/19 05:14:57 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\isapnp.sys
[2016/01/19 05:14:58 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys

< MD5 for: LSASS.EXE >
[2014/10/29 04:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\WINDOWS\SysNative\lsass.exe
[2014/10/29 04:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.17415_none_2e769c84660bda1b\lsass.exe
[2016/01/21 03:06:06 | 000,008,089 | ---- | M] () MD5=3FFB8CD649DEDA6497FD97550BE82357 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16384_none_2e2a01a866456d93\lsass.exe
[2016/01/21 03:06:08 | 000,008,089 | ---- | M] () MD5=3FFB8CD649DEDA6497FD97550BE82357 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe

< MD5 for: NDIS.SYS >
[2016/01/22 03:13:37 | 000,165,519 | ---- | M] () MD5=07CE116810C119B65E9DEFA34E50C00D -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys
[2016/01/22 03:13:20 | 000,163,354 | ---- | M] () MD5=1246A131E243274F831E8AF8E8E1F329 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16384_none_4a13de3ffc031231\ndis.sys
[2016/01/22 03:13:28 | 000,163,722 | ---- | M] () MD5=156BE9DA7ECE2FB05C0EF42170EC6028 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16408_none_4a6e60adfbbe952c\ndis.sys
[2016/01/22 03:13:32 | 000,161,306 | ---- | M] () MD5=2E04E1C57616409A4D86B7678AD296D1 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16475_none_4a1fb05bfbfa0cbe\ndis.sys
[2016/01/22 03:13:24 | 000,163,936 | ---- | M] () MD5=600E93591B1D62BA35F7F6965105B1A0 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16405_none_4a6b5fcffbc14927\ndis.sys
[2015/07/14 22:59:47 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=97DC5967F65503213FD1F1B3E4A6F983 -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2015/07/14 22:59:47 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=97DC5967F65503213FD1F1B3E4A6F983 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17933_none_4a48e22dfbdb75b0\ndis.sys
[2016/01/22 03:13:39 | 000,083,281 | ---- | M] () MD5=E47216FC1C4FCA5C1A9E3BBB79EA37FD -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17399_none_4a0df8fdfc06c676\ndis.sys

< MD5 for: NETLOGON.DLL >
[2014/10/29 02:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\WINDOWS\SysNative\netlogon.dll
[2014/10/29 02:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_eec2b22a0bb75b53\netlogon.dll
[2016/01/22 03:32:10 | 000,125,384 | ---- | M] () MD5=45C2C2EA335BD7FF360C7F006B915766 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2016/01/24 03:12:14 | 000,104,557 | ---- | M] () MD5=8203890854F74B5ACB9E8920EE24C826 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2016/01/24 03:12:15 | 000,105,907 | ---- | M] () MD5=B25E2DE4078511EB1747FA0BDB6E4FC5 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2016/01/22 03:32:08 | 000,123,829 | ---- | M] () MD5=C5EFDD0CD180E1CEB92294BF4B7F07A1 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll
[2014/10/29 02:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\SysWOW64\netlogon.dll
[2014/10/29 02:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_f9175c7c40181d4e\netlogon.dll

< MD5 for: NVRAID.SYS >
[2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys

< MD5 for: SCECLI.DLL >
[2016/01/24 03:10:26 | 000,042,572 | ---- | M] () MD5=22CDB04B964A8D34C42BB7ED150784F8 -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2016/01/22 03:29:46 | 000,045,911 | ---- | M] () MD5=878EBE290BED3EE6AC21BF4EE1458F67 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll
[2014/10/29 02:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\WINDOWS\SysNative\scecli.dll
[2014/10/29 02:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_2918dd42acd8e20e\scecli.dll
[2014/10/29 02:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\SysWOW64\scecli.dll
[2014/10/29 02:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_336d8794e139a409\scecli.dll

< MD5 for: SMSS.EXE >
[2016/01/22 03:42:23 | 000,019,120 | ---- | M] () MD5=5FBA1F5F9AA1E09595F015118AE83A36 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe
[2014/02/22 16:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\WINDOWS\SysNative\smss.exe
[2014/02/22 16:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe

< MD5 for: SVCHOST.EXE >
[2016/01/24 10:03:27 | 000,007,517 | ---- | M] () MD5=73AA583D4FB0F05C313B38C091D94804 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2016/01/22 03:32:53 | 000,007,559 | ---- | M] () MD5=CFE97816CBBEF783FD8634109F1877D2 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
[2014/10/29 04:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\SysWOW64\svchost.exe
[2014/10/29 04:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_4aa7b90420adbfab\svchost.exe
[2014/10/29 05:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\WINDOWS\SysNative\svchost.exe
[2014/10/29 05:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_a6c65487d90b30e1\svchost.exe

< MD5 for: TCPIP.SYS >
[2016/01/23 03:23:24 | 000,528,006 | ---- | M] () MD5=2C7110C2B2B558A401796BFA3CCA8103 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2016/01/23 03:23:48 | 000,288,350 | ---- | M] () MD5=5942F26DD54126E0D5D65D5EB834CC0B -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17415_none_a4290d393a23b3f2\tcpip.sys
[2016/01/23 03:23:28 | 000,528,347 | ---- | M] () MD5=5A1A08231D8428DEDA2D8E1C5D331612 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2016/01/23 03:23:32 | 000,526,770 | ---- | M] () MD5=61C0AF328195C83F6927193C91D8619B -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2015/06/11 21:12:57 | 002,476,376 | ---- | M] (Microsoft Corporation) MD5=746DDF7D59AB8D721C88D48434597E8D -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2015/06/11 21:12:57 | 002,476,376 | ---- | M] (Microsoft Corporation) MD5=746DDF7D59AB8D721C88D48434597E8D -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17903_none_a431e60f3a1d5716\tcpip.sys
[2016/01/23 03:23:21 | 000,529,795 | ---- | M] () MD5=74864C1621D5CB6DE6BC0E5A3C2D40A1 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16408_none_a436f4cb3a18ca65\tcpip.sys
[2016/01/23 03:23:17 | 000,523,202 | ---- | M] () MD5=9B0364641946C3B7A4AED72311516049 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16384_none_a3dc725d3a5d476a\tcpip.sys
[2016/01/23 03:23:36 | 000,483,044 | ---- | M] () MD5=9DA504195BE369DC6EA78F636FA30667 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys
[2016/01/23 03:23:44 | 000,481,946 | ---- | M] () MD5=EA334A4CD901A652B2A6F5FA401103B3 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2016/01/23 03:29:37 | 000,002,671 | ---- | M] () MD5=061AC3BD7ADC5DCBA6AC0F23895266F8 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2016/01/24 10:11:34 | 000,004,269 | ---- | M] () MD5=1AE98168631581DE1343C3A87A6CBCA9 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
[2014/10/29 02:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\WINDOWS\SysNative\userinit.exe
[2014/10/29 02:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_cd33b4fca56d6b07\userinit.exe
[2014/10/29 02:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\SysWOW64\userinit.exe
[2014/10/29 02:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_71151978ed0ff9d1\userinit.exe

< MD5 for: WINLOGON.EXE >
[2016/01/23 03:36:19 | 000,050,608 | ---- | M] () MD5=139F3E7820BF0640805DE98C32D07B92 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17415_none_60cdfbfda8aeeef1\winlogon.exe
[2015/10/05 19:25:35 | 000,572,928 | ---- | M] (Microsoft Corporation) MD5=3F8645885823692D93765817759BE21C -- C:\WINDOWS\SysNative\winlogon.exe
[2015/10/05 19:25:35 | 000,572,928 | ---- | M] (Microsoft Corporation) MD5=3F8645885823692D93765817759BE21C -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.18083_none_60802d95a8e9a4df\winlogon.exe
[2016/01/23 03:36:17 | 000,102,277 | ---- | M] () MD5=87746CAF036A8D7806D76F6EBD972D91 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2016/01/23 03:36:19 | 000,101,326 | ---- | M] () MD5=DF5284AF054E361FC5596E8049625582 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe

< MD5 for: WS2_32.DLL >
[2014/10/29 04:05:15 | 000,321,248 | ---- | M] (Microsoft Corporation) MD5=34E71A52A1BFA68411CAECCFB6D72F8C -- C:\Windows\SysWOW64\ws2_32.dll
[2014/10/29 04:05:15 | 000,321,248 | ---- | M] (Microsoft Corporation) MD5=34E71A52A1BFA68411CAECCFB6D72F8C -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.17415_none_87a41025e9b6078a\ws2_32.dll
[2014/10/29 04:51:53 | 000,363,080 | ---- | M] (Microsoft Corporation) MD5=3A0B3B44C263DB1823360FF3E5C223CE -- C:\WINDOWS\SysNative\ws2_32.dll
[2014/10/29 04:51:53 | 000,363,080 | ---- | M] (Microsoft Corporation) MD5=3A0B3B44C263DB1823360FF3E5C223CE -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.17415_none_e3c2aba9a21378c0\ws2_32.dll
[2016/01/24 10:12:11 | 000,062,052 | ---- | M] () MD5=58D09EFD883813FC9709A9D98A7209DF -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2016/01/23 03:31:32 | 000,065,749 | ---- | M] () MD5=F77C96590EA4741EB62B0FBC7A9FFFE8 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2016/01/09 11:13:37 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Adobe
[2016/02/21 15:12:46 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Atheros
[2016/02/09 20:06:58 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\avidemux
[2016/01/09 12:12:12 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\awsRun
[2016/01/17 16:13:06 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Canon
[2016/01/23 00:45:07 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Creative
[2016/01/16 18:06:19 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\CyberLink
[2016/01/30 21:24:16 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\dvdcss
[2016/01/10 15:18:27 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Identities
[2016/01/09 12:34:02 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\IrfanView
[2016/01/09 16:28:24 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Macromedia
[2016/02/19 22:47:06 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Maxthon3
[2016/02/09 19:28:28 | 000,000,000 | --SD | M] -- C:\Users\pefa\AppData\Roaming\Microsoft
[2016/01/09 12:29:57 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Mozilla
[2016/01/09 12:26:39 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\OpenOffice
[2016/02/19 07:58:18 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Seznam.cz
[2016/03/01 14:34:27 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Skype
[2016/01/09 16:55:43 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\Sun
[2016/03/01 19:12:14 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\vlc
[2016/01/09 11:18:42 | 000,000,000 | ---D | M] -- C:\Users\pefa\AppData\Roaming\WebStorage

< %APPDATA%\*.exe /s >
[2015/02/28 03:13:16 | 001,794,840 | ---- | M] (Maxthon International ltd.) -- C:\Users\pefa\AppData\Roaming\Maxthon3\Public\MxUp\MxUp.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2016/02/06 10:16:20 | 012,857,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2016/02/06 10:16:20 | 012,857,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Power2GoExpress" = NA
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2016/02/12 22:11:52 | 008,641,240 | ---- | M] (Piriform Ltd)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2016/03/03 17:55:23 | 000,000,512 | ---- | M] () MD5=7DCA852617978FFE07C048A6E9BEEF08 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010/03/04 21:37:46 | 000,010,179 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Effects\65 - Patriotic\FireCracker.hfx
[2010/03/04 21:37:46 | 000,008,201 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Effects\70 - Foods\Crackers.hfx
[2010/03/04 21:45:04 | 001,543,882 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Objects\Food\Cracker.hfo
[2010/03/04 21:45:06 | 000,026,143 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Objects\Patriotic\Firecracker BAM.hfo
[2010/03/04 21:45:06 | 000,027,267 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Objects\Patriotic\Firecracker bottom.hfo
[2010/03/04 21:45:06 | 000,080,879 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Objects\Patriotic\Firecracker top.hfo
[2010/10/19 13:32:04 | 000,843,284 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\Sound Effects\UFX – Gag\Whip Crack Vx.wav
[2010/10/19 13:32:04 | 000,843,284 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\Sound Effects\UFX – Gag\Whip Crack.wav
[2010/10/19 13:32:06 | 000,597,884 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\Sound Effects\UFX – Hrající si děti\Bat Crack .wav
[2010/10/19 13:32:08 | 016,633,220 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\Sound Effects\UFX – Zimní radovánky\Crackling Hearth.wav

< *keygen* /s >
[2016/02/29 18:49:44 | 000,636,366 | ---- | M] () -- \Users\pefa\AppData\Local\CrashDumps\Keygen.exe.7088.dmp
[2016/02/29 18:49:58 | 000,027,116 | ---- | M] () -- \Windows\Prefetch\KEYGEN.EXE-768BA652.pf
[2016/02/09 19:29:53 | 000,163,908 | ---- | M] () -- \Windows\Prefetch\PINNACLE STUDIO 15 KEYGEN__17-871B09C5.pf

< *AntiWPA* /s >
< *loader* /s >
[2013/10/17 10:34:42 | 001,168,672 | ---- | M] () -- \eSupport\eDriver\Software\Display\nVidia\R331\Win7_64_Win8_64_Win81_64_9.18.13.3204\GFExperience\ExtensionLoader.dll
[2013/09/25 01:39:12 | 000,027,704 | ---- | M] () -- \eSupport\eDriver\Software\Mcafee\Mcafee\Win81_32_Win81_64_12.8.856\SelfProtect\Win32\aploader.exe
[2013/09/25 01:16:04 | 000,028,264 | ---- | M] () -- \eSupport\eDriver\Software\Mcafee\Mcafee\Win81_32_Win81_64_12.8.856\SelfProtect\Win64\aploader.exe
[2013/10/01 16:43:08 | 000,020,192 | ---- | M] () -- \eSupport\eDriver\Software\Modern_Application\ASUS\ASUS_PhotoDirector\Win8_64_Win81_32_Win81_64_2.0.2127.1\F5080380.ASUSPhotoDirector_2.0.2127.1_x86__tfv7c950n6xcr.main\js\fileWorker\cacheLoader.js
[2013/12/12 15:07:10 | 000,201,528 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
[2013/12/12 15:07:06 | 000,198,968 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
[2015/12/24 08:33:16 | 000,063,272 | ---- | M] () -- \Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe
[2015/01/14 10:43:42 | 000,099,328 | ---- | M] () -- \Program Files (x86)\ASUS\WebStorage\2.2.6.547\AWS Restorer\ASUSWSDownloader.exe
[2015/01/14 10:41:14 | 000,007,680 | ---- | M] () -- \Program Files (x86)\ASUS\WebStorage\2.2.6.547\AWS Restorer\de\ASUSWSDownloader.resources.dll
[2015/01/14 10:41:14 | 000,007,168 | ---- | M] () -- \Program Files (x86)\ASUS\WebStorage\2.2.6.547\AWS Restorer\es\ASUSWSDownloader.resources.dll
[2015/01/14 10:41:14 | 000,007,680 | ---- | M] () -- \Program Files (x86)\ASUS\WebStorage\2.2.6.547\AWS Restorer\fr\ASUSWSDownloader.resources.dll
[2015/01/14 10:41:14 | 000,007,168 | ---- | M] () -- \Program Files (x86)\ASUS\WebStorage\2.2.6.547\AWS Restorer\it\ASUSWSDownloader.resources.dll
[2015/01/14 10:41:14 | 000,007,680 | ---- | M] () -- \Program Files (x86)\ASUS\WebStorage\2.2.6.547\AWS Restorer\ja\ASUSWSDownloader.resources.dll
[2015/01/14 10:41:14 | 000,007,168 | ---- | M] () -- \Program Files (x86)\ASUS\WebStorage\2.2.6.547\AWS Restorer\ko\ASUSWSDownloader.resources.dll
[2015/01/14 10:41:14 | 000,007,168 | ---- | M] () -- \Program Files (x86)\ASUS\WebStorage\2.2.6.547\AWS Restorer\pt\ASUSWSDownloader.resources.dll
[2015/01/14 10:41:14 | 000,008,192 | ---- | M] () -- \Program Files (x86)\ASUS\WebStorage\2.2.6.547\AWS Restorer\ru\ASUSWSDownloader.resources.dll
[2015/01/14 10:41:14 | 000,006,656 | ---- | M] () -- \Program Files (x86)\ASUS\WebStorage\2.2.6.547\AWS Restorer\zh-CN\ASUSWSDownloader.resources.dll
[2015/01/14 10:41:14 | 000,006,656 | ---- | M] () -- \Program Files (x86)\ASUS\WebStorage\2.2.6.547\AWS Restorer\zh-TW\ASUSWSDownloader.resources.dll
[2016/01/29 10:14:02 | 000,019,456 | ---- | M] () -- \Program Files (x86)\Avidemux 2.6 - 32 bits\libADM_coreImageLoader6.dll
[2011/03/09 14:24:46 | 002,475,304 | ---- | M] () -- \Program Files (x86)\CyberLink\Power2Go\runtime\CES\PlugIn\CES_3DLoaderFBX.dll
[2013/08/29 18:45:22 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2013/08/29 18:45:24 | 000,003,567 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2013/08/29 18:45:24 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2014/09/12 11:06:38 | 000,076,088 | ---- | M] () -- \Program Files (x86)\Maxthon\Bin\MxAppLoader.exe
[2015/10/28 07:49:42 | 000,706,984 | ---- | M] () -- \Program Files (x86)\Maxthon\Bin\MxDownloader.dll
[2015/04/17 03:14:24 | 000,086,768 | ---- | M] () -- \Program Files (x86)\Maxthon\Core\Webkit\Npplugins\gameloader.exe
[2013/09/27 12:41:58 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013/09/27 12:41:58 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013/09/27 12:41:40 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013/09/27 12:41:40 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2015/10/21 15:49:08 | 000,029,696 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\javaloader.uno.dll
[2015/10/21 15:53:44 | 000,005,813 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\pythonloader.py
[2015/10/21 15:49:12 | 000,020,992 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\pythonloader.uno.dll
[2015/10/21 16:33:02 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\pythonloader.uno.ini
[2015/10/21 10:42:14 | 000,003,868 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\classes\unoloader.jar
[2015/10/21 10:59:02 | 000,013,501 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\python-core-2.7.6\lib\unittest\loader.py
[2012/05/21 22:56:04 | 000,002,196 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2012/07/19 00:18:28 | 000,000,598 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\EULA\images\downloader_bg_400.gif
[2013/06/13 23:04:54 | 000,009,106 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2013/06/13 23:04:54 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2013/10/01 16:43:08 | 000,020,192 | ---- | M] () -- \Program Files\WindowsApps\F5080380.ASUSPhotoDirector_2.1.3706.2_x86__tfv7c950n6xcr\js\fileWorker\cacheLoader.js
[2014/06/30 04:05:17 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2015/01/25 19:07:37 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.5.1508.1801_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2015/01/25 19:07:37 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.5.1508.1801_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2015/01/25 19:07:37 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.5.1508.1801_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2015/01/25 19:07:37 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.5.1508.1801_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2015/01/25 19:08:14 | 000,001,338 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.5.1508.1801_x86__8wekyb3d8bbwe\LoaderPage.xbf
[2015/01/25 19:08:15 | 000,011,300 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.5.1508.1801_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderPage.xbf
[2015/01/25 19:08:15 | 000,002,178 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.5.1508.1801_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\StandartPreloaderControl.xbf
[2013/12/12 22:08:37 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013/12/12 22:08:44 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013/12/12 22:08:44 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013/12/12 22:06:46 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2016/02/29 19:00:54 | 000,021,040 | ---- | M] () -- \Users\pefa\AppData\Local\Microsoft\Windows\INetCache\IE\1Q55MVDK\AdLoader-v2-bdb5c01da1fe56b2e37e56418195cfd6.min[1].js
[2016/02/29 19:00:43 | 000,021,956 | ---- | M] () -- \Users\pefa\AppData\Local\Microsoft\Windows\INetCache\IE\1Q55MVDK\loader_30fps[1].gif
[2016/02/29 19:00:54 | 000,002,068 | ---- | M] () -- \Users\pefa\AppData\Local\Microsoft\Windows\INetCache\IE\D981YNIS\AdLoader-v2[1].htm
[2016/02/29 21:01:51 | 000,007,724 | ---- | M] () -- \Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\0NCUF3S7\downloader-tick-7945685408b8cc49567438a90794c0ad[1].png
[2016/03/03 18:17:37 | 000,006,960 | ---- | M] () -- \Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\1Q7FRS2Z\loader[1].js
[2016/02/29 21:01:51 | 000,012,417 | ---- | M] () -- \Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\3A56BSW7\ajax-loader-ca17df082c1e361ec1988ab22604d426[1].gif
[2016/02/29 21:01:51 | 000,007,114 | ---- | M] () -- \Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A8YY6P28\downloader-exclamation-b165899aea71a6b207711f7c7bd9f0f9[1].png
[2016/01/24 18:43:44 | 000,000,145 | ---- | M] () -- \Users\pefa\Documents\Freemake\FreemakeVideoDownloader\Persistent\DownloaderPersistentList.xml
[2016/01/07 21:25:35 | 000,002,068 | ---- | M] () -- \Windows.old\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\IE\ELCGK8EU\AdLoader-v2[1].htm
[2016/01/07 21:25:35 | 000,021,003 | ---- | M] () -- \Windows.old\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\IE\VPL4ICAX\AdLoader-v2-eb71b98961a9b89ba51601bf601ccc67.min[1].js
[2014/10/23 17:46:53 | 000,002,019 | ---- | M] () -- \Windows.old\Users\pefa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2013/08/22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2014/10/29 02:51:40 | 000,041,472 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2014/10/29 02:51:40 | 000,041,472 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/08/22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2016/01/19 05:15:18 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2016/01/19 05:15:16 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2016/01/19 05:15:22 | 000,598,463 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.efi
[2016/01/19 05:15:21 | 000,542,292 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.exe
[2016/01/19 05:15:27 | 000,598,454 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.efi
[2016/01/19 05:15:26 | 000,542,288 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.exe
[2016/01/19 05:21:43 | 000,010,089 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2014/10/29 03:34:00 | 000,050,688 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.17415_none_36ff16d863604256\dmloader.dll
[2013/08/22 14:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 14:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 14:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 12:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 12:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 12:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 12:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 12:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 12:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2016/01/10 06:02:01 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2016/01/24 16:08:15 | 000,009,588 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.efi.mui_35ee487d
[2016/01/24 16:08:15 | 000,009,604 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.exe.mui_3bc5b827
[2016/01/24 16:08:15 | 000,007,885 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.efi.mui_f412814e
[2016/01/24 16:08:15 | 000,007,900 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.exe.mui_ff8b5358
[2016/02/11 01:19:26 | 000,000,583 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.18202_none_4c396993405f0aa1.manifest
[2016/02/17 06:32:03 | 000,726,816 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.18202_none_4c396993405f0aa1_winload.efi_75834aa0
[2016/02/17 06:32:05 | 000,661,590 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.18202_none_4c396993405f0aa1_winload.exe_75835076
[2016/02/17 06:32:06 | 000,647,017 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.18202_none_4c396993405f0aa1_winresume.efi_85cd069f
[2016/02/17 06:32:07 | 000,587,635 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.18202_none_4c396993405f0aa1_winresume.exe_85cd1215
[2016/01/11 19:26:20 | 000,000,616 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2013/08/22 16:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013/12/13 05:01:48 | 000,000,463 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089.manifest
[2016/01/09 13:44:50 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2013/08/22 16:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2013/12/13 05:31:23 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2016/01/09 11:35:31 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2016/01/09 13:44:54 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2016/01/10 07:52:17 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2016/01/10 07:41:55 | 000,000,583 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.18066_none_4bfc8767408c1d55.manifest
[2016/01/10 08:18:00 | 000,000,583 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.18146_none_4c122925407be29a.manifest
[2016/01/13 06:35:22 | 000,000,581 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.18185_none_4be5e92b409d3907.manifest
[2016/02/11 00:44:44 | 000,000,583 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.18202_none_4c396993405f0aa1.manifest
[2016/01/24 09:33:02 | 000,008,359 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2014/10/29 02:51:40 | 000,041,472 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.17415_none_dae07b54ab02d120\dmloader.dll
[2013/08/22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014/05/13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2016/02/09 19:28:04 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014/07/09 02:45:06 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/07/09 02:45:33 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/12/13 05:04:23 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008/09/04 09:06:40 | 000,079,120 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\HfxSerial.exe
[2008/09/04 09:07:02 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-CHS.dll
[2008/09/04 09:07:04 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-DEU.dll
[2008/09/04 09:07:04 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ESP.dll
[2008/09/04 09:07:06 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-FRA.dll
[2008/09/04 09:07:10 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ITA.dll
[2008/09/04 09:07:14 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-JPN.dll
[2008/09/04 09:07:14 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-KOR.dll
[2008/09/04 09:07:16 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-NLD.dll
[2013/12/13 05:04:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/06/23 23:12:42 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/12/13 05:04:24 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014/07/09 02:45:06 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2016/02/11 21:56:27 | 002,803,200 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\46a1a2a9ce9fe0206b620609b374997b\System.Runtime.Serialization.ni.dll
[2016/02/11 21:56:27 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\46a1a2a9ce9fe0206b620609b374997b\System.Runtime.Serialization.ni.dll.aux
[2016/02/11 21:53:47 | 003,529,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\d8ef3256fa02b7fa88666eda7282eeb8\System.Runtime.Serialization.ni.dll
[2016/02/11 21:53:47 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\d8ef3256fa02b7fa88666eda7282eeb8\System.Runtime.Serialization.ni.dll.aux
[2013/08/22 16:32:39 | 000,001,032 | ---- | M] () -- \Windows\Inf\c_multiportserial.inf
[2013/12/13 05:04:27 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 01:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 01:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/08/10 01:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2014/04/16 00:33:22 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013/08/10 01:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014/07/24 04:20:32 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/10 01:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/08/10 01:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014/06/23 23:12:42 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/12/13 05:04:23 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/07/09 02:45:07 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/24 04:20:32 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 01:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 01:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 01:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 01:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 01:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 01:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/12/13 05:04:27 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/04/16 00:33:22 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014/06/23 23:12:50 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/12/13 05:04:22 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014/07/09 02:45:34 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/24 04:20:21 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 01:41:27 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 01:41:27 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 01:41:28 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 01:41:28 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 01:42:08 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 01:42:08 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/12/13 05:04:25 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/06/05 04:33:14 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2016/02/29 18:55:45 | 000,026,256 | ---- | M] () -- \Windows\Prefetch\HFXSERIAL.EXE-3581ED89.pf
[2013/08/22 22:12:22 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.cat
[2013/08/22 21:40:12 | 000,000,781 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.mum
[2013/08/22 13:55:01 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/08/22 07:47:48 | 000,000,511 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.mum
[2014/10/29 02:46:05 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2013/08/22 22:12:22 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.cat
[2013/08/22 13:55:01 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/12/13 05:04:08 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2013/08/22 21:56:37 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2013/08/22 07:57:38 | 000,001,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.inf
[2013/08/22 12:40:08 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_1be60ad3a61e5531\serial.sys
[2014/10/29 02:46:05 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2013/12/13 05:04:08 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2013/08/22 21:56:37 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb\c_multiportserial.inf_loc
[2013/08/22 07:57:38 | 000,001,032 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff\c_multiportserial.inf
[2016/01/21 03:19:05 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b0eacafe7f4d1992\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/12/13 05:04:22 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_b12d926c7f1ac114\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2016/01/21 03:19:08 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_b1ceee03982636a5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/12/13 05:04:08 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_3f29419cb7a1caf0\serialui.dll.mui
[2016/01/23 03:29:08 | 000,001,685 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_e5c00198f2a1c32d\serialui.dll
[2014/10/29 03:27:06 | 000,017,920 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.17415_none_e60c9c74f2682fb5\serialui.dll
[2016/01/23 03:32:55 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_4e32729c2675dfcf\System.RunTime.Serialization.Resources.dll
[2013/12/13 05:04:23 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_4e753a0a26438751\System.RunTime.Serialization.Resources.dll
[2016/01/23 03:32:56 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_4f1695a13f4efce2\System.RunTime.Serialization.Resources.dll
[2013/12/13 05:03:59 | 000,009,728 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b574829120336a99\serial.sys.mui
[2013/08/22 12:40:08 | 000,083,456 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.3.9600.16384_none_e95610bc8c554aa7\serial.sys
[2016/01/23 03:56:28 | 000,003,691 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..alization.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_1da5c476c59b0e5b\System.RunTime.Serialization.resources.dll
[2014/06/05 04:33:14 | 000,113,952 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..alization.resources_b03f5f7f11d50a3a_4.0.9600.17238_cs-cz_1da069eec59ff302\System.RunTime.Serialization.resources.dll
[2016/01/23 03:56:29 | 000,003,304 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..alization.resources_b03f5f7f11d50a3a_4.0.9600.20720_cs-cz_06d276aedf4770c6\System.RunTime.Serialization.resources.dll
[2013/08/10 01:41:27 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_f73c7de0bb1de286\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 01:41:28 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_64635c6af076b012\System.Runtime.Serialization.Primitives.dll
[2013/12/13 05:04:25 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_65f374ee29342685\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 01:41:27 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288\System.Runtime.Serialization.Json.dll
[2013/08/10 01:41:28 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5\System.Runtime.Serialization.Xml.dll
[2016/01/23 03:56:39 | 000,018,929 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba\System.Runtime.Serialization.dll
[2016/01/23 03:56:41 | 000,011,811 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.17187_none_afcf9aa40af92e22\System.Runtime.Serialization.dll
[2014/07/24 04:20:21 | 001,059,536 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.17238_none_afca82460afdc961\System.Runtime.Serialization.dll
[2016/01/23 03:56:43 | 000,012,410 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.20681_none_99027a1e249ff87f\System.Runtime.Serialization.dll
[2016/01/23 03:56:44 | 000,004,122 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.20720_none_98fc8f0624a54725\System.Runtime.Serialization.dll
[2013/08/10 01:42:08 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399\System.Xml.Serialization.dll
[2013/08/10 01:42:08 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c\System.Xml.XmlSerializer.dll
[2016/01/23 03:45:23 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_f057a9271ce694b1\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/23 23:12:50 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_f0517be51cec2cbf\System.Runtime.Serialization.Formatters.Soap.dll
[2016/01/23 03:45:24 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_d981a48b36959176\System.Runtime.Serialization.Formatters.Soap.dll
[2016/01/23 04:07:01 | 000,000,643 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7\System.Runtime.Serialization.dll
[2016/01/23 04:07:02 | 000,000,425 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17226_none_9fc36f5a7c519dd5\System.Runtime.Serialization.dll
[2014/07/09 02:45:34 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17231_none_9fc4e18c7c503707\System.Runtime.Serialization.dll
[2016/01/23 04:07:04 | 000,000,440 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20708_none_88f3980095fb028c\System.Runtime.Serialization.dll
[2016/01/23 04:07:05 | 000,000,619 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20717_none_88f4af1295fa0242\System.Runtime.Serialization.dll
[2016/01/23 04:07:07 | 000,000,643 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060\System.Runtime.Serialization.dll
[2016/01/23 04:07:08 | 000,000,425 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_da9a7c24d049986e\System.Runtime.Serialization.dll
[2014/07/09 02:45:33 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_da9bee56d04831a0\System.Runtime.Serialization.dll
[2016/01/23 04:07:10 | 000,000,440 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_c3caa4cae9f2fd25\System.Runtime.Serialization.dll
[2016/01/23 04:07:11 | 000,000,619 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_c3cbbbdce9f1fcdb\System.Runtime.Serialization.dll
[2013/12/13 04:59:55 | 000,000,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.3.9600.16384_cs-cz_c3036df581d2c4e4.manifest
[2013/08/22 21:55:29 | 000,000,249 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb.manifest
[2013/08/22 16:20:14 | 000,000,210 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff.manifest
[2013/08/22 14:25:34 | 000,000,297 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.3.9600.16384_none_0273ed2980a1f589.manifest
[2013/08/22 16:22:11 | 000,001,512 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.3.9600.16384_none_26d3123b2d2a9360.manifest
[2013/08/22 16:22:07 | 000,000,110 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.3.9600.16384_none_1d7b32f2da6cfe0c.manifest
[2013/08/22 16:24:27 | 000,000,402 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288.manifest
[2013/08/22 16:24:29 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5.manifest
[2013/08/22 16:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba.manifest
[2016/01/09 13:11:44 | 000,000,521 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.17187_none_afcf9aa40af92e22.manifest
[2016/01/10 07:37:20 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.17238_none_afca82460afdc961.manifest
[2016/01/09 13:11:44 | 000,000,515 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.20681_none_99027a1e249ff87f.manifest
[2016/01/10 07:37:20 | 000,000,413 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.20720_none_98fc8f0624a54725.manifest
[2013/08/22 16:24:28 | 000,000,397 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399.manifest
[2013/08/22 16:24:27 | 000,000,403 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c.manifest
[2013/08/22 16:24:13 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7.manifest
[2016/01/10 07:46:10 | 000,000,404 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17226_none_9fc36f5a7c519dd5.manifest
[2016/01/10 07:19:59 | 000,000,404 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17231_none_9fc4e18c7c503707.manifest
[2016/01/10 07:46:10 | 000,000,407 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20708_none_88f3980095fb028c.manifest
[2016/01/10 07:19:59 | 000,000,406 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20717_none_88f4af1295fa0242.manifest
[2013/08/22 16:24:13 | 000,000,416 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060.manifest
[2016/01/10 07:46:10 | 000,000,413 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_da9a7c24d049986e.manifest
[2016/01/10 07:19:59 | 000,000,412 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_da9bee56d04831a0.manifest
[2016/01/10 07:46:10 | 000,000,415 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_c3caa4cae9f2fd25.manifest
[2016/01/10 07:19:59 | 000,000,414 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_c3cbbbdce9f1fcdb.manifest
[2013/08/22 16:24:29 | 000,000,418 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245.manifest
[2013/08/22 16:24:24 | 000,000,430 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d.manifest
[2013/08/22 16:24:13 | 000,000,400 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1.manifest
[2016/01/10 07:46:10 | 000,000,399 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff.manifest
[2016/01/10 07:19:58 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17231_none_ed2b43c67c46bf31.manifest
[2016/01/10 07:46:10 | 000,000,399 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6.manifest
[2016/01/10 07:19:58 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20717_none_d65b114c95f08a6c.manifest
[2013/12/13 05:02:51 | 000,000,448 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144.manifest
[2016/01/10 05:37:30 | 000,000,558 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.17187_cs-cz_25785c236d943aac.manifest
[2016/01/10 07:37:19 | 000,000,449 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.17238_cs-cz_257343c56d98d5eb.manifest
[2016/01/10 05:37:30 | 000,000,556 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.20681_cs-cz_0eab3b9d873b0509.manifest
[2016/01/10 07:37:19 | 000,000,445 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.20720_cs-cz_0ea55085874053af.manifest
[2013/12/13 05:02:36 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b.manifest
[2016/01/10 07:46:09 | 000,000,406 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17226_cs-cz_7ad5184d8b944619.manifest
[2016/01/10 07:19:58 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17231_cs-cz_7ad68a7f8b92df4b.manifest
[2016/01/10 07:46:09 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20708_cs-cz_640540f3a53daad0.manifest
[2016/01/10 07:19:58 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20717_cs-cz_64065805a53caa86.manifest
[2013/08/22 16:24:24 | 000,000,419 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4.manifest
[2013/08/22 16:24:27 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d.manifest
[2016/01/09 13:11:43 | 000,000,570 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17187_none_c8104b0485ef1bc5.manifest
[2016/01/10 07:37:20 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17238_none_c80b32a685f3b704.manifest
[2016/01/09 13:11:43 | 000,000,566 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20681_none_b1432a7e9f95e622.manifest
[2016/01/10 07:37:19 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20720_none_b13d3f669f9b34c8.manifest
[2013/08/22 16:24:13 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24.manifest
[2016/01/10 07:46:10 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732.manifest
[2016/01/10 07:19:58 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17231_none_1d6e7960a3edc064.manifest
[2016/01/10 07:46:10 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9.manifest
[2016/01/10 07:19:58 | 000,000,423 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20717_none_069e46e6bd978b9f.manifest
[2013/08/22 16:24:28 | 000,000,447 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202.manifest
[2013/08/22 16:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755.manifest
[2013/08/22 16:24:56 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966.manifest
[2016/01/10 07:46:09 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174.manifest
[2016/01/10 07:19:58 | 000,000,412 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_2249252de4c45aa6.manifest
[2016/01/10 07:46:09 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b.manifest
[2016/01/10 07:19:58 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_0b78f2b3fe6e25e1.manifest
[2013/08/10 01:55:16 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_0dbd81c1c9e100df\System.Runtime.Serialization.Formatters.Soap.dll
[2016/01/24 02:30:27 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_63202903e7dbbda6\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/23 23:12:42 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_6319fbc1e7e155b4\System.Runtime.Serialization.Formatters.Soap.dll
[2016/01/24 02:30:27 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_4c4a2468018aba6b\System.Runtime.Serialization.Formatters.Soap.dll
[2013/12/13 05:04:27 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_c6e6982dc37909d8\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2016/01/24 02:30:28 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.16384_cs-cz_1c493f6fe173c69f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/12/13 05:04:23 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.17226_cs-cz_1c43122de1795ead\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2016/01/24 02:30:28 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.20708_cs-cz_05733ad3fb22c364\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 01:55:16 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245\System.Runtime.Serialization.Json.dll
[2013/08/10 01:55:16 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d\System.Runtime.Serialization.Primitives.dll
[2016/01/24 02:30:30 | 000,000,663 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1\System.Runtime.Serialization.dll
[2016/01/24 02:30:31 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff\System.Runtime.Serialization.dll
[2014/07/09 02:45:07 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17231_none_ed2b43c67c46bf31\System.Runtime.Serialization.dll
[2016/01/24 02:30:33 | 000,000,452 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6\System.Runtime.Serialization.dll
[2016/01/24 02:30:35 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20717_none_d65b114c95f08a6c\System.Runtime.Serialization.dll
[2016/01/24 02:30:35 | 000,003,691 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144\System.RunTime.Serialization.resources.dll
[2016/01/24 02:30:36 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.17187_cs-cz_25785c236d943aac\System.RunTime.Serialization.resources.dll
[2014/04/16 00:33:22 | 000,113,952 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.17238_cs-cz_257343c56d98d5eb\System.RunTime.Serialization.resources.dll
[2016/01/24 02:30:36 | 000,003,304 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.20681_cs-cz_0eab3b9d873b0509\System.RunTime.Serialization.resources.dll
[2016/01/24 02:30:37 | 000,003,304 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.20720_cs-cz_0ea55085874053af\System.RunTime.Serialization.resources.dll
[2016/01/24 02:30:37 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b\System.RunTime.Serialization.Resources.dll
[2016/01/24 02:30:38 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17226_cs-cz_7ad5184d8b944619\System.RunTime.Serialization.Resources.dll
[2013/12/13 05:04:24 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17231_cs-cz_7ad68a7f8b92df4b\System.RunTime.Serialization.Resources.dll
[2016/01/24 02:30:38 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20708_cs-cz_640540f3a53daad0\System.RunTime.Serialization.Resources.dll
[2016/01/24 02:30:39 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20717_cs-cz_64065805a53caa86\System.RunTime.Serialization.Resources.dll
[2013/08/10 01:55:16 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4\System.Runtime.Serialization.Xml.dll
[2016/01/24 02:30:40 | 000,018,929 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d\System.Runtime.Serialization.dll
[2016/01/24 02:30:42 | 000,011,811 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17187_none_c8104b0485ef1bc5\System.Runtime.Serialization.dll
[2014/07/24 04:20:32 | 001,059,536 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17238_none_c80b32a685f3b704\System.Runtime.Serialization.dll
[2016/01/24 02:30:44 | 000,012,410 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20681_none_b1432a7e9f95e622\System.Runtime.Serialization.dll
[2016/01/24 02:30:46 | 000,004,122 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20720_none_b13d3f669f9b34c8\System.Runtime.Serialization.dll
[2016/01/24 02:30:47 | 000,000,663 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24\System.Runtime.Serialization.dll
[2016/01/24 02:30:49 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732\System.Runtime.Serialization.dll
[2014/07/09 02:45:06 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17231_none_1d6e7960a3edc064\System.Runtime.Serialization.dll
[2016/01/24 02:30:50 | 000,000,452 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9\System.Runtime.Serialization.dll
[2016/01/24 02:30:52 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20717_none_069e46e6bd978b9f\System.Runtime.Serialization.dll
[2013/08/10 01:55:49 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202\System.Xml.Serialization.dll
[2013/08/10 01:55:49 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755\System.Xml.XmlSerializer.dll
[2016/01/24 09:55:50 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_54cc2f7ac6efa85c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/12/13 05:04:23 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_550ef6e8c6bd4fde\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2016/01/24 09:55:54 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_55b0527fdfc8c56f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/12/13 05:04:08 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_e30aa618ff4459ba\serialui.dll.mui
[2016/01/24 10:11:19 | 000,001,912 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_89a166153a4451f7\serialui.dll
[2014/10/29 02:46:05 | 000,015,360 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.17415_none_89ee00f13a0abe7f\serialui.dll
[2016/01/24 15:58:29 | 000,000,663 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966\System.Runtime.Serialization.dll
[2016/01/24 15:58:31 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174\System.Runtime.Serialization.dll
[2014/07/09 02:45:06 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_2249252de4c45aa6\System.Runtime.Serialization.dll
[2016/01/24 15:58:33 | 000,000,452 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b\System.Runtime.Serialization.dll
[2016/01/24 15:58:34 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_0b78f2b3fe6e25e1\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\pefa\SkyDrive:ms-properties
@Alternate Data Stream - 220 bytes -> C:\Users\pefa\OneDrive:ms-properties

< End of report


Nahoru
 Profil  
 
PříspěvekNapsal: 03 bře 2016 19:04 
Offline
Návštěvník
Návštěvník

Registrován: 20 úno 2016 19:21
Příspěvky: 23
Zde Systém look:

SystemLook 30.07.11 by jpshortstuff
Log created at 18:47 on 03/03/2016 by pefa
Administrator - Elevation successful

========== filefind ==========

Searching for "*mozilla*"
C:\Program Files (x86)\OpenOffice 4\program\python-core-2.7.6\lib\_MozillaCookieJar.py --a---- 5809 bytes [09:59 21/10/2015] [09:59 21/10/2015] 53A021925CD7801FB4EF37BD52840B73
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\0NCUF3S7\footer-mozilla-white.6de861f93df6[1].png --a---- 854 bytes [10:03 28/02/2016] [10:03 28/02/2016] 6DE861F93DF6482563ED6DF2EFC32C40
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A8YY6P28\mozilla-wordmark-white.20d134cd8af7[1].png --a---- 4044 bytes [10:03 28/02/2016] [10:03 28/02/2016] 20D134CD8AF714993554489827F35E48
C:\Users\pefa\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\RA1ECA26\www.mozilla[1].xml --a---- 362 bytes [10:03 28/02/2016] [10:03 28/02/2016] 48F6A556AEFA4E23DDC4303A6C45E82F
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\Browsers\mozilla.browser --a---- 13262 bytes [03:43 13/12/2013] [03:43 13/12/2013] 9FFA08AA85D403D9CC98CAC2956069AE
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\Browsers\mozilla.browser --a---- 13262 bytes [03:43 13/12/2013] [03:43 13/12/2013] 9FFA08AA85D403D9CC98CAC2956069AE
C:\Windows\WinSxS\amd64_netfx-aspnet_regbrowser_files_b03f5f7f11d50a3a_6.3.9600.16384_none_44643ac47b53f37a\mozilla.browser --a---- 1876 bytes [03:43 13/12/2013] [15:05 24/01/2016] 912F0A1F62B0A2377CC979FD1F82221A
C:\Windows\WinSxS\x86_netfx-aspnet_regbrowser_files_b03f5f7f11d50a3a_6.3.9600.16384_none_8c11719b8fd01c80\mozilla.browser --a---- 1876 bytes [03:43 13/12/2013] [15:06 24/01/2016] 912F0A1F62B0A2377CC979FD1F82221A
C:\Windows.old\Users\pefa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk --a---- 1177 bytes [08:22 26/12/2014] [07:25 08/01/2016] B6AD65E937F1CBDF5373DE232D0235D5
C:\Windows.old\Users\Public\Desktop\Mozilla Firefox.lnk --a---- 1165 bytes [17:05 01/07/2014] [18:38 28/07/2014] CBE32723C43F8913712BF67B8B1F7017

Searching for "*firefox*"
C:\ProgramData\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_cs-cz.xpi -ra---- 208643 bytes [06:44 02/02/2013] [06:44 02/02/2013] 35628CF950B31CBF39D62BBF3D1EFB07
C:\ProgramData\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_en-us.xpi -ra---- 208258 bytes [06:33 02/02/2013] [06:33 02/02/2013] FF81FDDBC7B1684DF81033EC5CDE2F65
C:\ProgramData\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_hu-hu.xpi -ra---- 208644 bytes [06:44 02/02/2013] [06:44 02/02/2013] 6C67DE3DF4E5246D0941D1AC939E114E
C:\ProgramData\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_pl-pl.xpi -ra---- 208621 bytes [06:44 02/02/2013] [06:44 02/02/2013] 6F98E71590BA5EEB247864CFF95F79FA
C:\ProgramData\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_sk-sk.xpi -ra---- 208527 bytes [06:44 02/02/2013] [06:44 02/02/2013] 29D66CD0D202BBC66A6F7F7D7F4ED813
C:\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_cs-cz.xpi -ra---- 208643 bytes [06:44 02/02/2013] [06:44 02/02/2013] 35628CF950B31CBF39D62BBF3D1EFB07
C:\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_en-us.xpi -ra---- 208258 bytes [06:33 02/02/2013] [06:33 02/02/2013] FF81FDDBC7B1684DF81033EC5CDE2F65
C:\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_hu-hu.xpi -ra---- 208644 bytes [06:44 02/02/2013] [06:44 02/02/2013] 6C67DE3DF4E5246D0941D1AC939E114E
C:\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_pl-pl.xpi -ra---- 208621 bytes [06:44 02/02/2013] [06:44 02/02/2013] 6F98E71590BA5EEB247864CFF95F79FA
C:\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_sk-sk.xpi -ra---- 208527 bytes [06:44 02/02/2013] [06:44 02/02/2013] 29D66CD0D202BBC66A6F7F7D7F4ED813
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\0NCUF3S7\firefox-logo.d99a8d78a049[1].png --a---- 31275 bytes [10:03 28/02/2016] [10:03 28/02/2016] D99A8D78A049EA7B69B29D5E5435ECE5
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\0NCUF3S7\firefox_new-bundle.c4d888b63406[1].js --a---- 5817 bytes [10:03 28/02/2016] [10:03 28/02/2016] C4D888B634067398D0EA515FAD693175
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\1Q7FRS2Z\firefox-logo-wordmark-white.de059cc90a4e[1].png --a---- 25427 bytes [10:03 28/02/2016] [10:03 28/02/2016] DE059CC90A4E4433D72DC991BD236719
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\1Q7FRS2Z\firefox-logo.d3cb43a0a16f[1].png --a---- 14403 bytes [10:03 28/02/2016] [10:03 28/02/2016] D3CB43A0A16F39CA8C939104EFBF934A
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\1Q7FRS2Z\header-firefox.98d0a02c957f[1].png --a---- 12696 bytes [10:03 28/02/2016] [10:03 28/02/2016] 98D0A02C957F4BD5353563054CCE1A89
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\3A56BSW7\firefox_new-bundle.55aabcdc6235[1].css --a---- 80573 bytes [10:03 28/02/2016] [10:03 28/02/2016] 454DB2219F8BF9F44168EFFB4D518F9C
C:\Users\pefa\Downloads\Firefox Setup Stub 43.0.4.exe --a---- 248736 bytes [11:29 09/01/2016] [11:29 09/01/2016] 0D9B5872CF276D623778895A53B7C561
C:\Users\pefa\Downloads\Firefox Setup Stub 44.0.2.exe --a---- 242368 bytes [10:03 28/02/2016] [10:03 28/02/2016] D0BC045D99879100BCA21F8298AA9A59
C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\Browsers\firefox.browser --a---- 2336 bytes [15:36 22/08/2013] [15:34 22/08/2013] 8E55C3D84FE4E59812B679FCCC8B6061
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\Browsers\firefox.browser --a---- 2336 bytes [15:36 22/08/2013] [15:34 22/08/2013] 8E55C3D84FE4E59812B679FCCC8B6061
C:\Windows\Prefetch\FIREFOX SETUP STUB 44.0.2.EXE-7A8EBF62.pf --a---- 27068 bytes [10:04 28/02/2016] [10:04 28/02/2016] 766765582AFB023FCF7E6CB2BBD6DD47
C:\Windows\Prefetch\FIREFOX.EXE-528BC649.pf --a---- 308706 bytes [11:30 09/01/2016] [13:56 01/03/2016] D27529CEAB5BB5CC23DC53567C62534B
C:\Windows\WinSxS\amd64_netfx4-browser_files_b03f5f7f11d50a3a_4.0.9600.16384_none_e03c9daab4035a21\firefox.browser --a---- 2336 bytes [06:43 22/08/2013] [14:46 18/06/2013] 8E55C3D84FE4E59812B679FCCC8B6061
C:\Windows\WinSxS\amd64_netfx4-browser_files_b03f5f7f11d50a3a_4.0.9600.17187_none_e03c5b80b403a389\firefox.browser --a---- 2336 bytes [06:43 22/08/2013] [14:46 18/06/2013] 8E55C3D84FE4E59812B679FCCC8B6061
C:\Windows\WinSxS\amd64_netfx4-browser_files_b03f5f7f11d50a3a_4.0.9600.20681_none_c96f3afacdaa6de6\firefox.browser --a---- 2336 bytes [06:43 22/08/2013] [14:46 18/06/2013] 8E55C3D84FE4E59812B679FCCC8B6061
C:\Windows\WinSxS\x86_netfx4-browser_files_b03f5f7f11d50a3a_4.0.9600.16384_none_27e9d481c87f8327\firefox.browser --a---- 2336 bytes [23:36 21/08/2013] [12:28 18/06/2013] 8E55C3D84FE4E59812B679FCCC8B6061
C:\Windows\WinSxS\x86_netfx4-browser_files_b03f5f7f11d50a3a_4.0.9600.17187_none_27e99257c87fcc8f\firefox.browser --a---- 2336 bytes [23:36 21/08/2013] [12:28 18/06/2013] 8E55C3D84FE4E59812B679FCCC8B6061
C:\Windows\WinSxS\x86_netfx4-browser_files_b03f5f7f11d50a3a_4.0.9600.20681_none_111c71d1e22696ec\firefox.browser --a---- 2336 bytes [23:36 21/08/2013] [12:28 18/06/2013] 8E55C3D84FE4E59812B679FCCC8B6061
C:\Windows.old\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_cs-cz.xpi -ra---- 208643 bytes [06:44 02/02/2013] [06:44 02/02/2013] 35628CF950B31CBF39D62BBF3D1EFB07
C:\Windows.old\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_en-us.xpi -ra---- 208258 bytes [06:33 02/02/2013] [06:33 02/02/2013] FF81FDDBC7B1684DF81033EC5CDE2F65
C:\Windows.old\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_hu-hu.xpi -ra---- 208644 bytes [06:44 02/02/2013] [06:44 02/02/2013] 6C67DE3DF4E5246D0941D1AC939E114E
C:\Windows.old\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_pl-pl.xpi -ra---- 208621 bytes [06:44 02/02/2013] [06:44 02/02/2013] 6F98E71590BA5EEB247864CFF95F79FA
C:\Windows.old\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4454.1510\office\data\officefirefox_sk-sk.xpi -ra---- 208527 bytes [06:44 02/02/2013] [06:44 02/02/2013] 29D66CD0D202BBC66A6F7F7D7F4ED813
C:\Windows.old\Users\pefa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk --a---- 1177 bytes [08:22 26/12/2014] [07:25 08/01/2016] B6AD65E937F1CBDF5373DE232D0235D5
C:\Windows.old\Users\Public\Desktop\Mozilla Firefox.lnk --a---- 1165 bytes [17:05 01/07/2014] [18:38 28/07/2014] CBE32723C43F8913712BF67B8B1F7017

========== regfind ==========

Searching for "mozilla"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\41708aff_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\updated\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\54c799f3_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\updated\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\57af3575_0]
@="{2}.\\?\usb#vid_041e&pid_3232&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\{101de7f6-62e6-4f36-bccd-5a6f71ad5fc4}/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5ab0749c_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a536494c_0]
@="{2}.\\?\usb#vid_041e&pid_3232&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\global/00010004|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c07a96f0_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\eb7438c1_0]
@="{2}.\\?\usb#vid_041e&pid_3232&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\{101de7f6-62e6-4f36-bccd-5a6f71ad5fc4}/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f4114545_0]
@="{2}.\\?\hdaudio#func_01&ven_8086&dev_2807&subsys_80860101&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\intcdaudtopo_2_192_24_d0/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mozilla.org]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mozilla.org]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs]
"url2"="https://www.mozilla.org/"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"User Agent"="Mozilla/4.0 (compatible; MSIE; Win32)"
[HKEY_CURRENT_USER\Software\Mozilla]
[HKEY_CURRENT_USER\Software\Piriform\CCleaner]
"(App)Mozilla - Site Preferences"="True"
[HKEY_CURRENT_USER\Software\Safer Networking Limited\Localization]
"C:\Program Files (x86)\Mozilla Firefox\uninstall\"=""
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\mozilla.org]
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\www.mozilla.org]
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe.FriendlyAppName"="Firefox"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe.ApplicationCompany"="Mozilla Corporation"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\ARP]
"0"="Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall Mozilla Firefox 44.0.2 (x86 cs) "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\ARP]
"1"="Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall MozillaMaintenanceService "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\Gathering Manager]
"UserAgent"="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla]
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Search\Gathering Manager]
"UserAgent"="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mozilla]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\mozilla.org]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\mozilla.org\Mozilla]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"User Agent"="Mozilla/4.0 (compatible; MSIE; Win32)"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"User Agent"="Mozilla/4.0 (compatible; MSIE; Win32)"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"User Agent"="Mozilla/4.0 (compatible; MSIE; Win32)"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\41708aff_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\updated\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\54c799f3_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\updated\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\57af3575_0]
@="{2}.\\?\usb#vid_041e&pid_3232&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\{101de7f6-62e6-4f36-bccd-5a6f71ad5fc4}/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5ab0749c_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a536494c_0]
@="{2}.\\?\usb#vid_041e&pid_3232&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\global/00010004|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c07a96f0_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\eb7438c1_0]
@="{2}.\\?\usb#vid_041e&pid_3232&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\{101de7f6-62e6-4f36-bccd-5a6f71ad5fc4}/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f4114545_0]
@="{2}.\\?\hdaudio#func_01&ven_8086&dev_2807&subsys_80860101&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\intcdaudtopo_2_192_24_d0/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mozilla.org]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mozilla.org]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\TypedURLs]
"url2"="https://www.mozilla.org/"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"User Agent"="Mozilla/4.0 (compatible; MSIE; Win32)"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Mozilla]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Piriform\CCleaner]
"(App)Mozilla - Site Preferences"="True"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Safer Networking Limited\Localization]
"C:\Program Files (x86)\Mozilla Firefox\uninstall\"=""
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\mozilla.org]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\www.mozilla.org]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe.FriendlyAppName"="Firefox"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe.ApplicationCompany"="Mozilla Corporation"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\mozilla.org]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\www.mozilla.org]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe.FriendlyAppName"="Firefox"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe.ApplicationCompany"="Mozilla Corporation"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"User Agent"="Mozilla/4.0 (compatible; MSIE; Win32)"

Searching for "firefox"
[HKEY_CURRENT_USER\Software\Clients\StartMenuInternet]
@="FIREFOX.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\41708aff_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\updated\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\54c799f3_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\updated\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\57af3575_0]
@="{2}.\\?\usb#vid_041e&pid_3232&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\{101de7f6-62e6-4f36-bccd-5a6f71ad5fc4}/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5ab0749c_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a536494c_0]
@="{2}.\\?\usb#vid_041e&pid_3232&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\global/00010004|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c07a96f0_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\eb7438c1_0]
@="{2}.\\?\usb#vid_041e&pid_3232&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\{101de7f6-62e6-4f36-bccd-5a6f71ad5fc4}/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f4114545_0]
@="{2}.\\?\hdaudio#func_01&ven_8086&dev_2807&subsys_80860101&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\intcdaudtopo_2_192_24_d0/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/cs-cz/windows/start-computer-safe-mode\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/fwlink/?LinkId=314049&q=chkdsk\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithList]
"d"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithList]
"b"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList]
"b"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithList]
"b"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithList]
"b"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.org/cs/kb/Nouzov%c3%bd%20re%c5%beim\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.org/wiki/CHKDSK\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.p12\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rar\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithList]
"b"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithList]
"a"="firefox.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2008firefox.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2009-box.com\firefox]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2009-box.com\www.firefox]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\firefoxdownload-now.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2008firefox.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2009-box.com\firefox]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2009-box.com\www.firefox]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Roaming\OpenWith\FileExts\.shtml\UserChoice]
"ProgId"="FirefoxHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Roaming\OpenWith\FileExts\.xht\UserChoice]
"ProgId"="FirefoxHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Roaming\OpenWith\FileExts\.xhtml\UserChoice]
"ProgId"="FirefoxHTML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Roaming\OpenWith\UrlAssociations\ftp\UserChoice]
"ProgId"="FirefoxURL"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Roaming\OpenWith\UrlAssociations\http\UserChoice]
"ProgId"="FirefoxURL"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Roaming\OpenWith\UrlAssociations\https\UserChoice]
"ProgId"="FirefoxURL"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice]
"ProgId"="FirefoxURL"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice]
"ProgId"="FirefoxURL"
[HKEY_CURRENT_USER\Software\Mozilla\Firefox]
[HKEY_CURRENT_USER\Software\Safer Networking Limited\Localization]
"C:\Program Files (x86)\Mozilla Firefox\uninstall\"=""
[HKEY_CURRENT_USER\Software\Classes\.oga]
"VLC.backup"="FirefoxHTML"
[HKEY_CURRENT_USER\Software\Classes\.ogv]
"VLC.backup"="FirefoxHTML"
[HKEY_CURRENT_USER\Software\Classes\.webm]
"VLC.backup"="FirefoxHTML"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe.FriendlyAppName"="Firefox"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe.ApplicationCompany"="Mozilla Corporation"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\firefox.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2008firefox.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2009-box.com\firefox]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2009-box.com\www.firefox]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\firefoxdownload-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2008firefox.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2009-box.com\firefox]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2009-box.com\www.firefox]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\ARP]
"0"="Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall Mozilla Firefox 44.0.2 (x86 cs) "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2008firefox.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2009-box.com\firefox]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2009-box.com\www.firefox]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\firefoxdownload-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2008firefox.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2009-box.com\firefox]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2009-box.com\www.firefox]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mozilla\Firefox]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2008firefox.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2009-box.com\firefox]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2009-box.com\www.firefox]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\firefoxdownload-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2008firefox.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2009-box.com\firefox]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2009-box.com\www.firefox]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Clients\StartMenuInternet]
@="FIREFOX.EXE"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\41708aff_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\updated\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\54c799f3_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\updated\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\57af3575_0]
@="{2}.\\?\usb#vid_041e&pid_3232&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\{101de7f6-62e6-4f36-bccd-5a6f71ad5fc4}/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5ab0749c_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a536494c_0]
@="{2}.\\?\usb#vid_041e&pid_3232&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\global/00010004|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c07a96f0_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0233&subsys_104315ad&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\eb7438c1_0]
@="{2}.\\?\usb#vid_041e&pid_3232&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\{101de7f6-62e6-4f36-bccd-5a6f71ad5fc4}/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f4114545_0]
@="{2}.\\?\hdaudio#func_01&ven_8086&dev_2807&subsys_80860101&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\intcdaudtopo_2_192_24_d0/00010001|\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\plugin-container.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/cs-cz/windows/start-computer-safe-mode\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/fwlink/?LinkId=314049&q=chkdsk\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithList]
"d"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithList]
"b"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList]
"b"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithList]
"b"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithList]
"b"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.org/cs/kb/Nouzov%c3%bd%20re%c5%beim\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.org/wiki/CHKDSK\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.p12\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rar\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithList]
"b"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithList]
"a"="firefox.exe"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2008firefox.com]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2009-box.com\firefox]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2009-box.com\www.firefox]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\firefoxdownload-now.com]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2008firefox.com]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2009-box.com\firefox]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2009-box.com\www.firefox]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\Roaming\OpenWith\FileExts\.shtml\UserChoice]
"ProgId"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\Roaming\OpenWith\FileExts\.xht\UserChoice]
"ProgId"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\Roaming\OpenWith\FileExts\.xhtml\UserChoice]
"ProgId"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\Roaming\OpenWith\UrlAssociations\ftp\UserChoice]
"ProgId"="FirefoxURL"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\Roaming\OpenWith\UrlAssociations\http\UserChoice]
"ProgId"="FirefoxURL"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\Roaming\OpenWith\UrlAssociations\https\UserChoice]
"ProgId"="FirefoxURL"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice]
"ProgId"="FirefoxURL"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice]
"ProgId"="FirefoxURL"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Mozilla\Firefox]
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Safer Networking Limited\Localization]
"C:\Program Files (x86)\Mozilla Firefox\uninstall\"=""
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Classes\.oga]
"VLC.backup"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Classes\.ogv]
"VLC.backup"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Classes\.webm]
"VLC.backup"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe.FriendlyAppName"="Firefox"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe.ApplicationCompany"="Mozilla Corporation"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001_Classes\.oga]
"VLC.backup"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001_Classes\.ogv]
"VLC.backup"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001_Classes\.webm]
"VLC.backup"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe.FriendlyAppName"="Firefox"
[HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe.ApplicationCompany"="Mozilla Corporation"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2008firefox.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2009-box.com\firefox]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2009-box.com\www.firefox]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\firefoxdownload-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2008firefox.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2009-box.com\firefox]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\2009-box.com\www.firefox]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com]

========== folderfind ==========

Searching for "*mozilla*"
C:\Program Files (x86)\Mozilla Firefox d------ [07:05 12/02/2016]
C:\Users\pefa\AppData\Local\Mozilla d------ [11:29 09/01/2016]
C:\Users\pefa\AppData\Local\Temp\mozilla-temp-files d------ [17:13 01/03/2016]
C:\Users\pefa\AppData\Roaming\Mozilla d------ [11:29 09/01/2016]
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Mozilla d------ [17:45 11/02/2016]
C:\Windows.old\Users\pefa\AppData\Local\Mozilla d------ [17:05 01/07/2014]
C:\Windows.old\Users\pefa\AppData\Local\Temp\mozilla-temp-files d------ [18:02 08/01/2016]
C:\Windows.old\Users\pefa\AppData\Roaming\Mozilla d------ [17:05 01/07/2014]

Searching for "*firefox*"
C:\Program Files (x86)\Mozilla Firefox d------ [07:05 12/02/2016]
C:\ProgramData\ESET\ESET Smart Security\OPP\S-1-5-21-4175608963-2615263823-2636743382-1001\EsetOPPFirefoxProfile d------ [17:40 19/02/2016]
C:\Users\All Users\ESET\ESET Smart Security\OPP\S-1-5-21-4175608963-2615263823-2636743382-1001\EsetOPPFirefoxProfile d------ [17:40 19/02/2016]
C:\Users\pefa\AppData\Local\Mozilla\Firefox d------ [11:29 09/01/2016]
C:\Users\pefa\AppData\Roaming\Mozilla\Firefox d------ [11:29 09/01/2016]
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Mozilla\Firefox d------ [17:45 11/02/2016]
C:\Windows.old\Users\All Users\ESET\ESET Smart Security\OPP\S-1-5-21-4175608963-2615263823-2636743382-1001\EsetOPPFirefoxProfile d------ [17:40 19/02/2016]
C:\Windows.old\Users\pefa\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_firefox.exe_b4b1986018ab8e683a48237d4063f6d8a9891c4_ad2e088b_384115ad d----c- [23:10 18/12/2015]
C:\Windows.old\Users\pefa\AppData\Local\Mozilla\Firefox d------ [17:05 01/07/2014]
C:\Windows.old\Users\pefa\AppData\Roaming\Mozilla\Firefox d------ [17:05 01/07/2014]

-= EOF =-


Nahoru
 Profil  
 
PříspěvekNapsal: 04 bře 2016 18:07 
Offline
VIP
VIP

Registrován: 05 pro 2009 20:08
Příspěvky: 21686
Bydliště: Ostrava
:!: Vypnete antivir, at nebrani programu v praci.
:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód:
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
SkypeUpdate

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
IE - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:44.0.2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.73.2: C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2: C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
[2016/01/09 12:29:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pefa\AppData\Roaming\mozilla\Extensions
[2016/03/01 15:15:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pefa\AppData\Roaming\mozilla\Firefox\Profiles\1xq7dquv.default-1456840856214\extensions
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001..\Run: [Power2GoExpress] NA File not found
O15:64bit: - ..Trusted Domains: eset.com ([help] http in Trusted sites)
O15 - HKLM\..Trusted Domains: eset.com ([help] http in Trusted sites)
O15 - HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\..Trusted Domains: localhost ([]http in Internet)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2016/02/12 08:05:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016/02/29 20:58:26 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
C:\Program Files (x86)\Mozilla Firefox
C:\Users\pefa\AppData\Local\Mozilla
C:\Users\pefa\AppData\Roaming\Mozilla
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Mozilla
C:\Windows.old\Users\pefa\AppData\Local\Mozilla
C:\Windows.old\Users\pefa\AppData\Roaming\Mozilla

:reg
[-HKEY_CURRENT_USER\Software\Mozilla\Firefox]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
 
PříspěvekNapsal: 04 bře 2016 19:16 
Offline
Návštěvník
Návštěvník

Registrován: 20 úno 2016 19:21
Příspěvky: 23
Zde to je:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 128 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: pefa
->Temp folder emptied: 3437167 bytes
->Temporary Internet Files folder emptied: 248786618 bytes
->Java cache emptied: 8196 bytes
->FireFox cache emptied: 377004553 bytes
->Flash cache emptied: 3032 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13024257 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 400216 bytes

Total Files Cleaned = 613,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: pefa
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: "https://www.seznam.cz/" removed from browser.startup.homepage
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:44.0.2 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@canon.com/EPPEX\ deleted successfully.
C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5\ deleted successfully.
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater\ deleted successfully.
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=11.73.2\ deleted successfully.
C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2\ deleted successfully.
C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0\ deleted successfully.
C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1\ deleted successfully.
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0\ deleted successfully.
C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll moved successfully.
C:\Users\pefa\AppData\Roaming\mozilla\Extensions folder moved successfully.
C:\Users\pefa\AppData\Roaming\mozilla\Firefox\Profiles\1xq7dquv.default-1456840856214\extensions folder moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Power2GoExpress deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\eset.com\help\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-4175608963-2615263823-2636743382-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Program Files (x86)\Mozilla Firefox\defaults\preferences folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\defaults folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox folder moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFF02.tmp folder deleted successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Mozilla\Firefox\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 03042016_190554

Files\Folders moved on Reboot...
C:\Users\pefa\AppData\Local\Temp\Low\JavaDeployReg.log moved successfully.
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\IH3N91PL\afr[1].htm moved successfully.
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\IH3N91PL\afr[2].htm moved successfully.
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\IH3N91PL\viewtopic[1].htm moved successfully.
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\FFCDX2GT\context[1].htm moved successfully.
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE\1JVWOX4A\context[1].htm moved successfully.
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Nahoru
 Profil  
 
PříspěvekNapsal: 04 bře 2016 21:57 
Offline
VIP
VIP

Registrován: 05 pro 2009 20:08
Příspěvky: 21686
Bydliště: Ostrava
Zkuste ted mozillu znovu nainstalovat a otestovat, jestli nastala nejaka zmena.

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
 
PříspěvekNapsal: 05 bře 2016 13:31 
Offline
Návštěvník
Návštěvník

Registrován: 20 úno 2016 19:21
Příspěvky: 23
Mozillu jsem nainstaloval a bohužel žádná změna :( U některých web stránek se nezobrazí obrazky nebo videa.


Nahoru
 Profil  
 
PříspěvekNapsal: 05 bře 2016 19:28 
Offline
VIP
VIP

Registrován: 05 pro 2009 20:08
Příspěvky: 21686
Bydliště: Ostrava
Je to nekde v nastaveni, zkuste ji odinstalovat pomoci Revo http://www.stahuj.centrum.cz/utility_a_ ... installer/ Je potreba se zbavit fakt vsech zbytku, druha moznost je, ze to blokuje neco legitimniho. Kdyz to v nouzaku bezi... Havet tam totiz nevidim

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
 
PříspěvekNapsal: 05 bře 2016 21:45 
Offline
Návštěvník
Návštěvník

Registrován: 20 úno 2016 19:21
Příspěvky: 23
Tak pomocí Reva jsem odzbytkoval a pak restartoval. Opet nainstaloval Mozillu. Vypada to na nějaký zákaz. Zase to po mě chce certifikát. :(


Přílohy:
image001.jpg
image001.jpg [ 22.06 KiB | Zobrazeno 2562 krát ]
Nahoru
 Profil  
 
PříspěvekNapsal: 06 bře 2016 18:57 
Offline
VIP
VIP

Registrován: 05 pro 2009 20:08
Příspěvky: 21686
Bydliště: Ostrava
Neco tam musi zustavat. Znovu ji odinstalujte pomoci Reva a zopakujte krok se SystemLook. Zkusime to smazat radek po radku :boxed:

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
 
PříspěvekNapsal: 07 bře 2016 13:08 
Offline
Návštěvník
Návštěvník

Registrován: 20 úno 2016 19:21
Příspěvky: 23
Provedl jsem pomalou,nejdůkladnější odinstalaci Firefoxu Revem. Pak mne napadlo zda by ten problem nemohl souviset z Esetem ktereho tam mam stejně jen ve zkušebním modu. Chtel jsem ho take odinstalovat Revem ale Revo mi ho vubec nenaslo. Odinstaloval jsem ho tedy manualně přes Odebrat programy ve Windows. Pak mne napadlo vyzkoušet zda to přeci jen nemělo nějaký efekt a znovu jsem chtěl nainstalovat Mozillu. Pri vybírání uloziste mi jako první možnost bylo nabidnuto ulozit do slozky Stažené soubory. Chtel jsem jí zmenit na Plochu ale všiml jsem si že ve složce Stažené soubory mi trůní 3 předchozí aplikační soubory Firefox. Měl jsem za to že je Revo nalezlo a všechny smazalo :shock: Asi tedy ne, takže jsem smazal ručně a pak koš projel CCleanerem a restartoval. Nainstaloval Firefox a světe div se, vypadá to že to funguje!

zde print screen té samé web stranky tentokrát bez problému. Nic po mě nechce certifikát. Nechci to zakřiknout :)


Přílohy:
image001.jpg
image001.jpg [ 21.79 KiB | Zobrazeno 2547 krát ]
Nahoru
 Profil  
 
PříspěvekNapsal: 07 bře 2016 21:20 
Offline
VIP
VIP

Registrován: 05 pro 2009 20:08
Příspěvky: 21686
Bydliště: Ostrava
No Eset byl na listine podezrelych viewtopic.php?f=5&t=148019&start=15#p1438898 , ale psal ste, ze po jeho vypnuti se nic nezmenilo :-) Odinstalace byl dobry napad :thumbsup: Snad to tedy pojede jak ma. Pouzijte znovu DelFix
:arrow:
vyosek píše:
:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run


Pak pc poradne prozkousejte a napiste, jak to tedy vypada ;-)

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
 
PříspěvekNapsal: 10 bře 2016 18:52 
Offline
Návštěvník
Návštěvník

Registrován: 20 úno 2016 19:21
Příspěvky: 23
DelFix jsem provedl a zkontroloval pc. Jak browzdam jak browzdam zatím jsem nenarazil na žádnou anomálii. Vypadá to bez problému. Moc bych Vám chtěl poděkovat za trpělivost a příkladnou pomoc. Zas je o spokojenějšího člověka v počítačovém světě víc ! :worship: :thumbsup:


Nahoru
 Profil  
 
PříspěvekNapsal: 10 bře 2016 19:11 
Offline
VIP
VIP

Registrován: 05 pro 2009 20:08
Příspěvky: 21686
Bydliště: Ostrava
To jsem moc rad, ze je to v poradku :-)

Nemate vubec zac! ;-)

Mejte se a treba zase nekdy :bye:

:closed:

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
 
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 44 ]  Přejít na stránku Předchozí  1, 2, 3

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Žádní registrovaní uživatelé


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?