Kontrola log

Zpráva

#16 Příspěvek od **Márty84** » 16 zář 2015 18:17

Jaryn74 píše:Po defragmentaci mi to dokonce psalo výsledek, že stav disku je dobrý....pouze dobrý:-)

Defragmentace ale nemuze opravit poskozeni disku, ta zprava se toho netykala

Jaryn74 píše:když spustím Firefox, tak zhruba 15-20 sekund čekám než prohlížeč plně naběhne

Zkuste, jak dlouho to trva v nouzovem rezimu s praci v siti.

Jaryn74 píše:Nejsem si jist jestli je to normální.

Veskere zpomaleni muze byt dilo toho vadneho disku.

Jaryn74 · #17 Příspěvek od **Jaryn74** » 16 zář 2015 19:30

Omlouvám se, ale jak to myslíte s prací v nouzovém režimu?

#18 Příspěvek od **Márty84** » 17 zář 2015 09:19

Do nouzoveho rezimu se dostanete takto:
restartujte pc, mackejte klavesu F8 - pripadne jinou, zalezi na typu stroje - a zvolte moznost nouzovy rezim s praci v siti.
Kdyby to neslo, zde je jiny postup http://forum.viry.cz/viewtopic.php?f=46&t=7554

Jaryn74 · #19 Příspěvek od **Jaryn74** » 19 zář 2015 09:36

Takže do toho nouzového režimu jsem se dostal.
Od kliknutí na prohlížeč (Firefox) to trvalo cca 23s než plně naběhl a mohl jsem ho používat - to bylo první spuštění prohlížeče od startu PC. Při druhém spuštění to trvalo již jen 6s.
V normálním režimu první start prohlížeče trval 1 minutu a 20 sekund, druhé spuštění 24s.
To je docela dlouho, ne?
S pozdravem
JJ

#20 Příspěvek od **Márty84** » 19 zář 2015 09:40

Je to dlouho.

Zkuste firefox preinstalovat (zalozky muzete zazalohovat pomoci mozbackup http://www.stahuj.centrum.cz/utility_a_ ... mozbackup/ ). Musite ho odinstalovat komplet, vcetne nastaveni a profilu. Ze zalohy pak vratit jen ty zalozky, pokud je pouzivate.

Jaryn74 · #21 Příspěvek od **Jaryn74** » 19 zář 2015 16:26

Vše jsem provedl dle Vašeho doporučení, zazálohoval jsem pouze záložky. Nyní první start za 23s a každý další za cca 10s, takže zlepšení:-) Mám ale pocit, že bez záložek Firefox startoval rychleji.

#22 Příspěvek od **Márty84** » 19 zář 2015 18:14

Zkuste jeste na chvili vypnout antivir a vyzkouset start firefoxu bez nej. Jine prohlizece startuji rychle?

Jaryn74 · #23 Příspěvek od **Jaryn74** » 21 zář 2015 19:20

Tak bez antiviru je ten první start prohlížeče o polovinu rychlejší. Ještě jsem zkoušel spustit Explorer a ten startuje také rychleji než Firefox. Ale žít se s tím dá:-) Díky za pomoc.

#24 Příspěvek od **Márty84** » 21 zář 2015 19:24

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Jaryn74 · #25 Příspěvek od **Jaryn74** » 23 zář 2015 20:05

OTL logfile created on: 23.9.2015 20:01:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Radmila\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18015)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,90 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,40% Memory free
7,79 Gb Paging File | 5,77 Gb Available in Paging File | 74,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,88 Gb Total Space | 97,99 Gb Free Space | 22,08% Space Free | Partition Type: NTFS

Computer Name: JAROSLAV | User Name: Radmila | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.09.23 19:59:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Radmila\Downloads\OTL.exe
PRC - [2015.08.26 14:46:18 | 000,377,000 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2015.08.25 18:43:01 | 006,111,824 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015.08.07 18:42:33 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.12.09 06:37:32 | 002,273,160 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
PRC - [2011.12.09 06:33:30 | 001,639,304 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
PRC - [2011.12.09 06:32:42 | 001,087,368 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
PRC - [2011.12.08 08:23:42 | 003,398,736 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
PRC - [2011.10.18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011.10.18 11:50:04 | 001,354,064 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011.10.18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011.10.18 11:49:48 | 000,846,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2011.09.08 12:43:02 | 004,449,360 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
PRC - [2011.08.17 09:19:18 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011.08.09 03:44:56 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.08.09 03:44:54 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.07.06 09:24:24 | 000,184,320 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\irstrtsv.exe

========== Modules (No Company Name) ==========

MOD - [2015.08.07 18:42:34 | 000,102,864 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015.08.07 18:42:33 | 000,123,976 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015.03.17 19:04:50 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.09.05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011.09.08 12:40:10 | 001,645,056 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll

========== Services (SafeList) ==========

SRV:64bit: - [2015.08.15 08:04:47 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.08.07 18:42:33 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2015.07.23 02:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.03.19 18:19:14 | 000,337,264 | ---- | M] (FileOpen Systems Inc.) [Auto | Running] -- C:\Program Files\FileOpen\Services\FileOpenManager64.exe -- (FileOpenManager)
SRV:64bit: - [2011.09.23 08:20:42 | 000,079,664 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe -- (ExpressCache)
SRV:64bit: - [2011.09.15 11:41:28 | 001,518,352 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011.09.15 11:28:06 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011.09.15 11:24:52 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011.09.15 02:54:46 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011.06.03 05:51:38 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2015.09.22 18:17:12 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.08.26 14:46:30 | 000,149,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.04.12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2011.10.18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011.10.18 11:50:04 | 001,354,064 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011.10.18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011.08.09 03:44:56 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.08.09 03:44:54 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.07.06 09:24:24 | 000,184,320 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysWOW64\irstrtsv.exe -- (irstrtsv)
SRV - [2010.12.17 06:18:38 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2015.09.10 16:54:57 | 000,113,880 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\0D18786C.sys -- (MBAMSwissArmy)
DRV:64bit: - [2015.08.14 18:43:01 | 001,048,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2015.08.07 18:42:42 | 000,447,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2015.08.07 18:42:42 | 000,274,808 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015.08.07 18:42:42 | 000,150,672 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015.08.07 18:42:42 | 000,093,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2015.08.07 18:42:42 | 000,090,968 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2015.08.07 18:42:42 | 000,065,224 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015.08.07 18:42:42 | 000,028,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.10.28 14:20:15 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.10.02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.24 06:04:32 | 000,223,232 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hw_quusbmdm.sys -- (HWHandSet)
DRV:64bit: - [2011.10.11 13:08:00 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011.10.10 16:43:16 | 000,288,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.09.23 08:20:50 | 000,080,688 | ---- | M] (Diskeeper Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\excsd.sys -- (excsd)
DRV:64bit: - [2011.09.23 08:20:50 | 000,023,344 | ---- | M] (Diskeeper Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\excfs.sys -- (excfs)
DRV:64bit: - [2011.09.17 19:26:52 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.09.15 02:48:24 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011.09.15 02:48:24 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011.09.08 09:20:56 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011.09.08 09:20:56 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011.08.31 20:02:36 | 000,197,416 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011.08.29 16:32:18 | 000,053,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011.08.17 09:19:38 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011.07.26 08:22:48 | 012,288,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.06.15 22:50:08 | 000,026,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irstrtdv.sys -- (irstrtdv)
DRV:64bit: - [2011.06.02 03:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.06.02 03:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.05.17 08:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.11 12:55:24 | 000,007,680 | ---- | M] (Phoenix Technologies Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SGDrv64.sys -- (SGDrv)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.18 01:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.12.17 06:18:38 | 000,019,504 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdflt.sys -- (stdflt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 17:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.28 08:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-198510878-2715960250-1679441269-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-198510878-2715960250-1679441269-1000\..\SearchScopes,DefaultScope = {D58AA36E-5ED5-443A-9297-B88B9423A981}
IE - HKU\S-1-5-21-198510878-2715960250-1679441269-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-198510878-2715960250-1679441269-1000\..\SearchScopes\{D58AA36E-5ED5-443A-9297-B88B9423A981}: "URL" = http://www.google.com/search?q={searchT ... ing?}&rlz=
IE - HKU\S-1-5-21-198510878-2715960250-1679441269-1000\..\SearchScopes\{ECDFA29A-4100-4126-8FCB-840A16C4C8F2}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
IE - HKU\S-1-5-21-198510878-2715960250-1679441269-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0.3
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2015.06.27 10:12:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Radmila\AppData\Roaming\mozilla\Extensions
[2015.09.19 17:32:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Radmila\AppData\Roaming\mozilla\Firefox\Profiles\g90x2fay.default\extensions
[2015.09.19 17:07:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015.09.19 17:07:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2015.09.14 20:00:13 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [FileOpenBroker] C:\Program Files\FileOpen\Services\FileOpenBroker64.exe (FileOpen Systems Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-198510878-2715960250-1679441269-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-198510878-2715960250-1679441269-1000\..Trusted Domains: unmz.cz ([www.csnonlinefirmy] https in Trusted sites)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/ ... 5406038733 (MUCatalogWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 77.78.88.88 109.123.201.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1C0FB08-EEE9-4546-8462-00969FE33CBA}: DhcpNameServer = 77.78.88.88 109.123.201.11
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.07.08 21:47:37 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8bb22189-6670-11e3-b4d1-88532e9b6aa8}\Shell - "" = AutoRun
O33 - MountPoints2\{8bb22189-6670-11e3-b4d1-88532e9b6aa8}\Shell\AutoRun\command - "" = "D:\WD SmartWare.exe" autoplay=true
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.09.22 18:16:45 | 018,819,272 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2015.09.19 17:07:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015.09.19 17:07:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015.09.19 16:17:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2015.09.19 16:17:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup
[2015.09.17 21:15:45 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2015.09.14 21:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2015.09.14 21:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2015.09.14 20:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015.09.14 20:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015.09.10 16:54:57 | 000,113,880 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\0D18786C.sys
[2015.09.09 21:05:18 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2015.09.09 21:05:17 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2015.09.09 21:05:17 | 000,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2015.09.09 20:52:25 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidpolicyconverter.exe
[2015.09.09 20:52:24 | 000,616,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2015.09.09 20:52:23 | 000,692,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2015.09.09 20:52:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidapi.dll
[2015.09.09 20:52:18 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appidapi.dll
[2015.09.09 20:52:09 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidcertstorecheck.exe
[2015.09.09 20:52:08 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll
[2015.09.09 20:51:45 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\InkEd.dll
[2015.09.09 20:51:45 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\InkEd.dll
[2015.09.09 20:51:44 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jnwmon.dll
[2015.09.09 20:51:09 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2015.09.09 20:51:09 | 001,372,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2015.09.09 20:51:08 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmapi.dll
[2015.09.09 20:51:02 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2015.09.09 20:51:02 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2015.09.09 20:51:01 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2015.09.09 20:51:01 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2015.09.09 20:51:01 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2015.09.09 20:51:01 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2015.09.09 20:51:00 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2015.09.09 20:51:00 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2015.09.09 20:50:59 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2015.09.09 20:50:59 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.09.09 20:50:55 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2015.09.09 20:50:55 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2015.09.09 20:50:55 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2015.09.09 20:50:51 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2015.09.09 20:50:51 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2015.09.09 20:50:51 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2015.09.09 20:50:51 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2015.09.09 20:50:50 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2015.09.09 20:50:50 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2015.09.09 20:50:50 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2015.09.09 20:50:50 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2015.09.09 20:50:47 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2015.09.09 20:50:47 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2015.09.09 20:50:45 | 002,126,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2015.09.09 20:50:42 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2015.09.09 20:50:42 | 000,585,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2015.09.09 20:50:40 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2015.09.09 20:50:40 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2015.09.09 20:50:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2015.09.09 20:50:39 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2015.09.09 20:50:38 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2015.09.09 20:50:36 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2015.09.09 20:50:35 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2015.09.09 20:50:35 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2015.09.09 20:50:34 | 005,923,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2015.09.09 20:50:34 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2015.09.09 20:50:31 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2015.09.09 20:50:31 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2015.09.09 20:50:30 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2015.09.09 20:50:11 | 001,390,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagtrack.dll
[2015.09.09 20:50:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UtcResources.dll
[2015.09.09 20:50:10 | 005,568,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2015.09.09 20:50:09 | 001,730,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2015.09.09 20:50:08 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2015.09.09 20:50:08 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdh.dll
[2015.09.09 20:50:07 | 003,934,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2015.09.09 20:50:04 | 003,989,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2015.09.09 20:50:03 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdh.dll
[2015.09.09 20:50:03 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2015.09.09 20:50:02 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2015.09.09 20:50:01 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2015.09.09 20:49:54 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2015.09.09 20:49:54 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2015.09.09 20:49:54 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2015.09.09 20:49:53 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2015.09.09 20:49:53 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2015.09.09 20:49:53 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2015.09.09 20:49:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2015.09.09 20:49:52 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2015.09.09 20:49:52 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2015.09.09 20:49:50 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2015.09.09 20:49:49 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2015.09.09 20:49:49 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\auditpol.exe
[2015.09.09 20:49:49 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srclient.dll
[2015.09.09 20:49:49 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\auditpol.exe
[2015.09.09 20:49:49 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptbase.dll
[2015.09.09 20:49:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2015.09.09 20:49:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2015.09.09 20:49:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2015.09.09 20:49:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2015.09.09 20:49:49 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2015.09.09 20:49:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2015.09.09 20:49:47 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015.09.09 20:49:47 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015.09.09 20:49:47 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2015.09.09 20:49:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015.09.09 20:49:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015.09.09 20:49:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015.09.09 20:49:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.09.09 20:49:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.09.09 20:49:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015.09.09 20:49:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015.09.09 20:49:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015.09.09 20:49:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015.09.09 20:49:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.09.09 20:49:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.09.09 20:49:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015.09.09 20:49:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015.09.09 20:49:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015.09.09 20:49:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015.09.09 20:49:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.09.09 20:49:46 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015.09.09 20:49:46 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015.09.09 20:49:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015.09.09 20:49:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015.09.09 20:49:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015.09.09 20:49:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015.09.09 20:49:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015.09.09 20:49:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015.09.09 20:49:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015.09.09 20:49:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.09.09 20:49:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015.09.09 20:49:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015.09.09 20:49:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.09.09 20:49:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015.09.09 20:49:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015.09.09 20:49:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.09.09 20:49:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.09.09 20:49:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015.09.09 20:49:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.09.09 20:49:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.09.09 20:49:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015.09.09 20:49:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015.09.09 20:49:41 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015.09.09 20:49:41 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015.09.09 20:49:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015.09.09 20:49:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015.09.09 20:49:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015.09.09 20:49:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015.09.09 20:49:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.09.09 20:49:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015.09.09 20:49:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015.09.09 20:49:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2015.09.09 20:49:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2015.09.09 20:49:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2015.09.09 20:49:40 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015.09.09 20:49:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015.09.09 20:49:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015.09.09 20:49:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015.09.09 20:49:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015.09.09 20:49:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015.09.09 20:49:39 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll
[2015.09.09 20:49:39 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll
[2015.09.09 20:49:39 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll
[2015.09.09 20:49:39 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll
[2015.09.09 20:49:39 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msobjs.dll
[2015.09.09 20:49:39 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msobjs.dll
[2015.09.09 20:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015.09.09 20:49:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2015.09.09 20:47:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll
[2015.09.09 20:47:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll
[2015.09.09 20:47:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2015.09.09 20:47:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2015.09.09 20:47:18 | 000,372,736 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2015.09.09 20:47:18 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2015.09.09 20:47:17 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2015.09.09 20:47:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2015.09.09 20:47:17 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2015.09.09 20:47:17 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2015.09.09 20:47:17 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2015.09.09 20:47:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2015.09.09 20:43:29 | 003,165,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2015.09.09 20:43:29 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2015.09.09 20:43:29 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2015.09.09 20:43:29 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2015.09.09 20:43:28 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2015.09.09 20:43:28 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2015.09.09 20:43:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2015.09.09 20:43:28 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2015.09.09 20:43:28 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSetupUI.dll
[2015.09.09 20:43:28 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2015.09.09 20:43:28 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2015.09.09 20:43:28 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2015.09.09 20:43:28 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2015.09.09 20:43:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2015.09.09 20:43:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wu.upgrade.ps.dll
[2015.09.01 18:06:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015.09.01 18:05:22 | 000,000,000 | ---D | C] -- C:\Users\Radmila\AppData\Roaming\Sun
[2015.09.01 18:05:22 | 000,000,000 | ---D | C] -- C:\Users\Radmila\.oracle_jre_usage
[5 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015.09.23 20:07:44 | 000,028,848 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.09.23 20:07:44 | 000,028,848 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.09.23 20:07:37 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.09.23 19:54:06 | 000,000,948 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.09.23 19:54:01 | 000,000,952 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.09.23 19:53:56 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2015.09.22 20:16:00 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015.09.22 18:17:11 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2015.09.22 18:17:11 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.09.22 18:16:45 | 018,819,272 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2015.09.19 16:57:59 | 009,046,712 | ---- | M] () -- C:\Users\Radmila\Documents\Firefox 40.0.3 (x86 cs) - 2015-09-19.pcv
[2015.09.14 20:53:42 | 000,139,274 | ---- | M] () -- C:\Users\Radmila\Documents\cc_20150914_205313.reg
[2015.09.14 20:00:13 | 000,000,035 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2015.09.10 20:58:02 | 001,584,626 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2015.09.10 20:58:02 | 000,669,132 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2015.09.10 20:58:02 | 000,654,480 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2015.09.10 20:58:02 | 000,141,760 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2015.09.10 20:58:02 | 000,122,352 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2015.09.10 16:54:57 | 000,113,880 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\0D18786C.sys
[2015.09.10 03:42:06 | 000,408,376 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2015.09.02 05:04:49 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2015.09.02 05:04:46 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2015.09.02 05:04:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2015.09.02 05:04:42 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2015.09.02 04:48:31 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2015.09.02 04:48:25 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2015.09.02 03:47:08 | 000,372,736 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2015.09.02 03:33:48 | 000,299,520 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2015.09.01 18:05:43 | 000,110,688 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2015.08.27 20:13:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll
[2015.08.27 20:13:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2015.08.27 19:51:26 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll
[2015.08.27 19:51:26 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2015.08.26 20:07:11 | 003,165,696 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2015.08.26 20:07:11 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2015.08.26 20:07:11 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2015.08.26 20:07:11 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2015.08.26 20:07:11 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2015.08.26 20:07:10 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2015.08.26 20:06:43 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WinSetupUI.dll
[2015.08.26 20:06:33 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wu.upgrade.ps.dll
[2015.08.26 20:06:30 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2015.08.26 20:06:30 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2015.08.26 19:56:25 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2015.08.26 19:56:25 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2015.08.26 19:56:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2015.08.26 19:56:24 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2015.08.26 19:55:37 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[5 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015.09.23 20:07:36 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.09.21 20:17:29 | 000,000,914 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015.09.19 17:07:27 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015.09.19 16:57:39 | 009,046,712 | ---- | C] () -- C:\Users\Radmila\Documents\Firefox 40.0.3 (x86 cs) - 2015-09-19.pcv
[2015.09.19 07:48:33 | 000,000,952 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.09.19 07:48:32 | 000,000,948 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.09.14 20:53:37 | 000,139,274 | ---- | C] () -- C:\Users\Radmila\Documents\cc_20150914_205313.reg
[2014.02.25 16:33:39 | 001,560,276 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.07.10 19:51:25 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.07.10 19:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.10.27 10:11:10 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\.Torrent Swapper
[2015.06.21 08:18:46 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Anvsoft
[2013.12.06 07:20:07 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\AVAST Software
[2014.10.28 14:35:38 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\DAEMON Tools Lite
[2014.04.04 21:12:56 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Dropbox
[2014.04.04 21:12:55 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\DropboxMaster
[2013.11.17 16:40:27 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\FileOpen
[2015.06.21 08:02:43 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\HandBrake
[2014.04.22 10:58:17 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Oracle
[2015.09.09 17:21:16 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Seznam.cz
[2014.04.13 20:26:46 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Tracker Software
[2014.10.27 17:54:20 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\VitySoft
[2012.12.26 23:02:03 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\WildTangent
[2015.06.27 10:28:27 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Windows Live Writer
[2012.12.26 14:13:31 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,624 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2015.09.19 07:48:32 | 000,000,948 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.09.19 07:48:33 | 000,000,952 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015.09.21 20:17:29 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2015.02.03 05:50:56 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=00D0F7BA3B27126A3E25B540979A9F39 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_d492bbeccaa14239\cryptsvc.dll
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2015.04.27 21:17:29 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=0925E2BEAC4493C887099F850D69BA3B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.23040_none_d48a91becaa8aac3\cryptsvc.dll
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2014.07.07 04:06:31 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=19D511CC455C19DE1ADF60E6C39C85B6 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18526_none_d41cb8b3b175406a\cryptsvc.dll
[2015.02.03 05:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=1CD76A83B9E8E9A5A3519B39E28354D9 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_d4021b35b189f3e7\cryptsvc.dll
[2014.10.30 04:14:18 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=3031B5DC2A58A7BCE6651EA9B7DD6390 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22908_none_789f60191223613f\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2015.04.27 21:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=33F67BBCC3C0499D3F3382473114CFA8 -- C:\Windows\SysWOW64\cryptsvc.dll
[2015.04.27 21:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=33F67BBCC3C0499D3F3382473114CFA8 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18839_none_77f653d3f91d2e9f\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2015.02.03 05:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=49474B3E37969AF4B5C076F42B623AFF -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_77e37fb1f92c82b1\cryptsvc.dll
[2013.10.05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2015.04.27 20:55:50 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=59AF628BEF750EE470FD36751CA52137 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.23040_none_786bf63b124b398d\cryptsvc.dll
[2014.07.07 03:40:07 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=623E143F2DF17C0106A9988F5D7DC878 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18526_none_77fe1d2ff917cf34\cryptsvc.dll
[2014.07.07 04:06:07 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=63A15BA9875364C4147B226CB70468B3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22908_none_d4bdfb9cca80d275\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2015.04.27 21:23:13 | 000,188,416 | ---- | M] (Microsoft Corporation) MD5=7BC3E861F7E8EB543A630090FAE779E0 -- C:\windows\SysNative\cryptsvc.dll
[2015.04.27 21:23:13 | 000,188,416 | ---- | M] (Microsoft Corporation) MD5=7BC3E861F7E8EB543A630090FAE779E0 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18839_none_d414ef57b17a9fd5\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2015.02.03 05:31:49 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=B97E16D36DB7B7DD22C97857506FA58A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_787420691243d103\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013.10.05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2011.02.18 01:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\windows\SysNative\drivers\iaStor.sys
[2011.02.18 01:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_52b32c0ad3e84c62\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2014.05.30 10:00:12 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=04F6C08B30C599D301CE8530A6F6A703 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2015.07.15 20:10:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0D48E93C6BE3143C0198CB252B992D16 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18933_none_0459e0df737bef3f\lsass.exe
[2015.05.25 20:18:19 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=17A6A9AAD04CCC6EE53290585BFC43AF -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18869_none_043f70f1738eddf5\lsass.exe
[2015.01.14 08:04:46 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=1E31700D9C9E0FB79999D02A8437482C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18717_none_04737e137368226b\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18637_none_045ddc5573785d26\lsass.exe
[2015.05.25 20:21:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=2A953A1104439BA166FD63A5806A16DF -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23072_none_04b713ec8cbb1b91\lsass.exe
[2015.08.04 20:11:47 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=2BB259A51DDADBCF9652C67A3E82447C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23153_none_04cdb5f48ca9fa2d\lsass.exe
[2015.07.15 05:19:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=2CCFA4793B9696F26214634300FE8B37 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23126_none_04f126968c8ef25f\lsass.exe
[2015.07.15 20:08:44 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=31359EDA482F9A4C5DB36741596550AC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23136_none_04e656aa8c970e50\lsass.exe
[2014.09.19 11:42:18 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=341655B216721D89CADE9DEA2F33872F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18606_none_047d4bcf7360effc\lsass.exe
[2015.03.06 07:32:14 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=395CAE11172BEBB0253895E8B5F82BFA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22983_none_04ad6c288cc21d97\lsass.exe
[2015.01.29 05:18:39 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=43FE6F74D2D43443CF2279613FA0A516 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18738_none_045ede85737773a4\lsass.exe
[2015.04.04 05:20:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=4C3FAC816925F73A34AD52F1F7C0A7EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18812_none_046e7e87736ca0df\lsass.exe
[2013.09.25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2015.01.10 09:09:08 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=55C62F66528A7BF58EA964B70BCB3D96 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22920_none_04eb4ad28c9429ec\lsass.exe
[2015.01.27 05:56:02 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=5B63917A1BE4728D8111850CDEF252F1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22943_none_04d8abd88ca1add3\lsass.exe
[2015.07.01 20:20:08 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=5F8423E7FDA0EB902C6D156F6121E094 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23115_none_04faf6388c87bd17\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22736_none_04e678d68c96e399\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22843_none_04d8a9f28ca1b0ac\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22923_none_04ee4bb08c9175f1\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22925_none_04f04c448c8fa89f\lsass.exe
[2015.02.03 05:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=7554A1B82B4A222FD4CC292ABD38A558 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18741_none_044d0c937385de34\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2015.04.27 21:22:35 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=9262D6E2C239EDD6D87B080F2BCCEC9F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18839_none_045fe0b573768a22\lsass.exe
[2015.07.01 22:47:38 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=97D879A884E7CDFED51AD63348A35254 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18912_none_046e806d736c9e06\lsass.exe
[2015.07.15 05:19:02 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=A7C232F194DE012B41B5EE0C5021CFDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18923_none_0464b0cb7373d34e\lsass.exe
[2015.03.06 07:41:46 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=B6C7729936AAF8E0697F0A7DCA82CED8 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18779_none_04349f1f7396fcbf\lsass.exe
[2014.09.19 11:47:37 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=B84317193B6A29F5F5DCF538C34FDCED -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22814_none_04fa1a008c887630\lsass.exe
[2015.04.04 05:25:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BB9C1B746086558899935E3333CD4580 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23017_none_04fcf4e68c85f29e\lsass.exe
[2015.06.27 20:12:04 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BD1E0ADA58D82453182F297C4C6AA00A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23112_none_04f7f55a8c8a7112\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2015.01.10 08:47:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C8152B86C0F12E61B0AD5C95751547D3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18714_none_04707d35736ad666\lsass.exe
[2015.03.17 07:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=CA4FC33FB22D92368A0B221092B46374 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18798_none_041dfefd73a81b4a\lsass.exe
[2015.02.03 05:50:23 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=CBB80CC43E683F929F8D5E50330F7BA6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22948_none_04ddad4a8c9d2c86\lsass.exe
[2015.04.27 21:16:19 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D52C700254E7FBD9BF6D817BA7BA5309 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23040_none_04d5831c8ca49510\lsass.exe
[2015.03.17 07:11:03 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=DCCDD65A4E68360E5CF57AFC864C64E0 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23002_none_0502c3608c8257fa\lsass.exe
[2015.01.15 10:09:15 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=E0105F3B5B1C4B0F5B3D788A13504EC6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18719_none_04757ea773665519\lsass.exe
[2013.09.25 03:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
[2014.05.30 10:07:57 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=F23812F9F7B130854E4BC0389F7C688C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe
[2015.07.23 00:03:07 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=FBD94DDAB6D96DE7ECE7D38E48035A75 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23142_none_04d785968ca2c4e5\lsass.exe
[2015.06.27 20:02:30 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=FCCD46F56DD641ED856FC0E65757B4FD -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18909_none_0480525f735e3376\lsass.exe
[2015.07.23 02:01:53 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=FDD980360C9D72DA77F4C59376AE95C9 -- C:\windows\SysNative\lsass.exe
[2015.07.23 02:01:53 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=FDD980360C9D72DA77F4C59376AE95C9 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18939_none_045fe29b73768749\lsass.exe

Jaryn74 · #26 Příspěvek od **Jaryn74** » 23 zář 2015 20:07

< MD5 for: NDIS.SYS >
[2010.12.29 12:33:33 | 000,950,656 | ---- | M] (Microsoft Corporation) MD5=303310C91F8C0740ED1C76851C759874 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.21628_none_066fff3d4bd0b870\ndis.sys
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2010.12.29 12:57:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17530_none_05d3903632c269df\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2015.03.17 07:16:11 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=0B6514A14631E41DE4D6D40D1C80BE68 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18798_none_0a0e1c38300e82ce\smss.exe
[2015.05.25 20:21:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=18196A0F4C3904C81ACE6E91529227D9 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23072_none_0aa7312749218315\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2015.03.17 07:11:20 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=206A6B71AC09D9F7651F0A8B015676C7 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23002_none_0af2e09b48e8bf7e\smss.exe
[2014.04.12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2014.04.12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22908_none_0af90a3548e32446\smss.exe
[2014.04.12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22921_none_0adc685748f9aac7\smss.exe
[2014.04.12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22923_none_0ade68eb48f7dd75\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2015.07.23 02:02:14 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=50EEE09D03B94A13DFEFEFC1D774FC31 -- C:\windows\SysNative\smss.exe
[2015.07.23 02:02:14 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=50EEE09D03B94A13DFEFEFC1D774FC31 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18939_none_0a4fffd62fdceecd\smss.exe
[2015.07.15 20:10:25 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=55C48343919A72B0C8F5C42E4C798FCA -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18933_none_0a49fe1a2fe256c3\smss.exe
[2015.07.15 20:08:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=5E200958CFBDB2B82C78B6F883236640 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23136_none_0ad673e548fd75d4\smss.exe
[2015.02.03 05:30:42 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=63D3C30B497347495B8EA78A38188969 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18741_none_0a3d29ce2fec45b8\smss.exe
[2015.08.04 20:12:02 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=673173E434A15DCF217998299C356A9E -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23153_none_0abdd32f491061b1\smss.exe
[2015.01.29 05:18:52 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=83C0199B7C06AC3C33212E1A0DC2260E -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18738_none_0a4efbc02fdddb28\smss.exe
[2015.02.03 05:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=8CD5A97B8D155718D357B2D9BC6B113D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22948_none_0acdca854903940a\smss.exe
[2015.05.25 20:18:39 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9BBEA639884C0338DD78654277BD188A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18869_none_0a2f8e2c2ff54579\smss.exe
[2015.07.15 05:19:24 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B094FD54A16671683B4A27A8C43BCDD0 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18923_none_0a54ce062fda3ad2\smss.exe
[2013.08.29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2015.01.27 05:56:16 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B75198D88A34994DE1E4D9F2286DF759 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22943_none_0ac8c91349081557\smss.exe
[2015.07.15 05:19:40 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=C95509F69D3584BB216C5B2365E74956 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23126_none_0ae143d148f559e3\smss.exe
[2013.08.02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2015.04.27 21:17:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CF8DC00FA29243A347AD4B605AFFF1E5 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23040_none_0ac5a057490afc94\smss.exe
[2015.04.27 21:22:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=DA5EF2CC0764BE7097BAFA9CAF903FE8 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18839_none_0a4ffdf02fdcf1a6\smss.exe
[2015.07.23 00:03:29 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E31F311AEACDAB79CFA4E5B5ACB2B954 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23142_none_0ac7a2d149092c69\smss.exe
[2013.07.08 04:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011.03.01 10:10:51 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=635455A95EB8EC47AC72142E501465ED -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391\svchost.exe
[2011.03.01 10:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\windows\SysNative\svchost.exe
[2011.03.01 10:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937\svchost.exe
[2011.03.01 10:07:49 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A91A288C91F9D9F1CFA4FAA9893C4D55 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25b\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011.03.01 10:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\SysWOW64\svchost.exe
[2011.03.01 10:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.11.26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[9 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[17 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[18 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[5 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[5 C:\windows\SysWOW64\*.tmp files -> C:\windows\SysWOW64\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.10.27 10:11:10 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\.Torrent Swapper
[2015.07.16 18:59:59 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Adobe
[2015.06.21 08:18:46 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Anvsoft
[2013.12.06 07:20:07 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\AVAST Software
[2014.10.28 14:35:38 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\DAEMON Tools Lite
[2014.04.04 21:12:56 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Dropbox
[2014.04.04 21:12:55 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\DropboxMaster
[2013.11.17 16:40:27 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\FileOpen
[2015.06.21 08:02:43 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\HandBrake
[2012.04.28 15:32:03 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Identities
[2012.04.28 15:29:33 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Intel
[2012.12.24 21:14:01 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Macromedia
[2012.01.17 20:23:44 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Media Center Programs
[2014.05.11 21:06:54 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Media Player Classic
[2015.08.09 19:55:26 | 000,000,000 | --SD | M] -- C:\Users\Radmila\AppData\Roaming\Microsoft
[2015.06.27 10:12:11 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Mozilla
[2014.04.22 10:58:17 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Oracle
[2015.09.09 17:21:16 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Seznam.cz
[2015.08.20 20:34:59 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Skype
[2015.09.01 18:05:22 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Sun
[2014.04.13 20:26:46 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Tracker Software
[2014.10.27 17:54:20 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\VitySoft
[2012.12.26 23:02:03 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\WildTangent
[2015.06.27 10:28:27 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Windows Live Writer
[2012.12.26 14:13:31 | 000,000,000 | ---D | M] -- C:\Users\Radmila\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2015.05.18 05:50:26 | 005,494,882 | ---- | M] () -- C:\Users\Radmila\AppData\Roaming\Anvsoft\Common\youtube-dl.exe
[2014.03.19 14:17:02 | 032,667,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\Radmila\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.03.19 14:18:14 | 000,244,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Radmila\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014.03.19 14:17:06 | 000,143,616 | ---- | M] (Dropbox, Inc.) -- C:\Users\Radmila\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.12.26 14:23:07 | 012,505,560 | ---- | M] (ZONER software ) -- C:\Users\Radmila\AppData\Roaming\Zoner\NLMDB\product.0034\autoupdate.cz\ZPS13_Update_Build07.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015.09.22 18:17:11 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\system32\FlashPlayerApp.exe
[2015.09.22 18:17:11 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\system32\FlashPlayerCPLApp.cpl
[2015.09.22 18:16:45 | 018,819,272 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\system32\FlashPlayerInstaller.exe
[5 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"OfficeSyncProcess" = "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" -- [2015.03.18 19:59:14 | 000,720,064 | ---- | M] (Microsoft Corporation)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.09.23 20:07:37 | 000,000,512 | ---- | M] () MD5=7217FE1A0A2DEAF1571DE07A37DBC01B -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014.10.27 17:54:23 | 000,005,592 | ---- | M] () -- \Users\Radmila\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp
[2007.09.14 05:08:10 | 786,043,184 | ---- | M] () -- \Users\Radmila\Videos\Pohádky\Wallace a Gromit\Wallace a Gromit - Cracking Contraptions.avi
[2007.09.14 07:23:18 | 000,010,996 | ---- | M] () -- \Users\Radmila\Videos\Pohádky\Wallace a Gromit\Wallace a Gromit - Cracking Contraptions.srt

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2015.05.14 05:35:14 | 000,173,056 | ---- | M] () -- \Program Files (x86)\Anvsoft\Any Video Converter\avcdownloader.dll
[2015.04.24 14:49:28 | 000,005,932 | ---- | M] () -- \Program Files (x86)\Anvsoft\Any Video Converter\plugins\loader.avsi
[2014.09.03 01:27:24 | 000,268,432 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2014.09.03 01:27:24 | 000,019,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.08.17 09:20:12 | 000,058,664 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\Koan\pyloader.dll
[2011.08.17 09:19:08 | 000,015,969 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\PyUploader.kc
[2011.08.17 09:19:08 | 000,181,544 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\_PyUploader.pyd
[2011.08.17 09:19:08 | 002,551,592 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2011.12.10 19:00:28 | 000,004,782 | ---- | M] () -- \Program Files (x86)\DVDFab Media Player\addons\webinterface.default\images\ajax-loader.gif
[2010.03.05 23:12:10 | 000,675,568 | ---- | M] () -- \Program Files (x86)\WildGames\Game Console - WildGames\WTDownloader.exe
[2015.08.07 18:42:32 | 000,072,440 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2015.08.07 18:42:32 | 000,085,336 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2014.09.03 01:27:24 | 000,364,176 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2014.09.03 01:27:24 | 000,019,096 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010.04.29 16:12:38 | 000,673,160 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Facebook\ZPSPluginLoader.exe
[2010.04.29 16:12:42 | 000,686,984 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 16:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 19:09:04 | 000,194,048 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Picasa\ZPSPluginLoader.exe
[2011.06.08 16:20:02 | 000,102,792 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Program32\8bfLoader.exe
[2011.06.08 16:20:16 | 000,019,336 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Program32\WICLoader.exe
[2011.06.08 16:21:16 | 000,021,896 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Program64\WICLoader.exe
[2012.12.26 23:04:54 | 000,000,747 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\Common\css\online_loader.css
[2012.12.26 23:04:51 | 000,000,640 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\Common\img\mini_loader_off.gif
[2012.12.26 23:04:51 | 000,002,068 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\Common\img\mini_loader_on.gif
[2012.12.26 23:04:51 | 000,012,527 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\Common\img\windowed_loader_75.gif
[2012.12.26 23:04:54 | 000,003,194 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\Common\js\online_loader.js
[2012.12.26 23:04:55 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\de\Online_Loader.html
[2012.12.26 23:04:52 | 000,003,083 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\de\img\going_online_loader.gif
[2012.12.26 23:04:52 | 000,003,241 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\de\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\de\swf\loader_web.swf
[2012.12.26 23:04:55 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\en\Online_Loader.html
[2012.12.26 23:04:52 | 000,003,065 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\en\img\going_online_loader.gif
[2012.12.26 23:04:52 | 000,003,097 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\en\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\en\swf\loader_web.swf
[2012.12.26 23:04:55 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\en-us\Online_Loader.html
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\en-us\fs_wire\swf\loader_web.swf
[2012.12.26 23:04:52 | 000,003,065 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\en-us\img\going_online_loader.gif
[2012.12.26 23:04:52 | 000,003,097 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\en-us\img\onlineloader_retry.gif
[2012.12.26 23:04:56 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\es\Online_Loader.html
[2012.12.26 23:04:52 | 000,003,199 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\es\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,515 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\es\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\es\swf\loader_web.swf
[2012.12.26 23:04:56 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\es-es\Online_Loader.html
[2012.12.26 23:04:53 | 000,003,031 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\es-es\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,665 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\es-es\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\es-es\swf\loader_web.swf
[2012.12.26 23:04:57 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\fr\Online_Loader.html
[2012.12.26 23:04:53 | 000,003,143 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\fr\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,545 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\fr\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\fr\swf\loader_web.swf
[2012.12.26 23:04:57 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\it\Online_Loader.html
[2012.12.26 23:04:53 | 000,003,186 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\it\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,368 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\it\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\it\swf\loader_web.swf
[2012.12.26 23:04:58 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\ko-kr\Online_Loader.html
[2012.12.26 23:04:53 | 000,003,160 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\ko-kr\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,054 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\ko-kr\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\ko-kr\swf\loader_web.swf
[2012.12.26 23:04:59 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\pt\Online_Loader.html
[2012.12.26 23:04:53 | 000,003,210 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\pt\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,581 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\pt\img\onlineloader_retry.gif
[2012.12.26 23:04:59 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\zh\Online_Loader.html
[2012.12.26 23:04:53 | 000,003,111 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\zh\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,092 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\zh\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\zh\swf\loader_web.swf
[2012.12.26 23:05:00 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\zh-cn\Online_Loader.html
[2012.12.26 23:04:54 | 000,002,778 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\zh-cn\img\going_online_loader.gif
[2012.12.26 23:04:54 | 000,003,219 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\zh-cn\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\Game Console - WildGames\UI\htdocs2\zh-cn\swf\loader_web.swf
[2012.12.26 23:04:54 | 000,000,747 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\Common\css\online_loader.css
[2012.12.26 23:04:51 | 000,000,640 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\Common\img\mini_loader_off.gif
[2012.12.26 23:04:51 | 000,002,068 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\Common\img\mini_loader_on.gif
[2012.12.26 23:04:51 | 000,012,527 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\Common\img\windowed_loader_75.gif
[2012.12.26 23:04:54 | 000,003,194 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\Common\js\online_loader.js
[2012.12.26 23:04:55 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\de\Online_Loader.html
[2012.12.26 23:04:52 | 000,003,083 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\de\img\going_online_loader.gif
[2012.12.26 23:04:52 | 000,003,241 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\de\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\de\swf\loader_web.swf
[2012.12.26 23:04:55 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\en\Online_Loader.html
[2012.12.26 23:04:52 | 000,003,065 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\en\img\going_online_loader.gif
[2012.12.26 23:04:52 | 000,003,097 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\en\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\en\swf\loader_web.swf
[2012.12.26 23:04:55 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\en-us\Online_Loader.html
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\en-us\fs_wire\swf\loader_web.swf
[2012.12.26 23:04:52 | 000,003,065 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\en-us\img\going_online_loader.gif
[2012.12.26 23:04:52 | 000,003,097 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\en-us\img\onlineloader_retry.gif
[2012.12.26 23:04:56 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\es\Online_Loader.html
[2012.12.26 23:04:52 | 000,003,199 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\es\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,515 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\es\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\es\swf\loader_web.swf
[2012.12.26 23:04:56 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\es-es\Online_Loader.html
[2012.12.26 23:04:53 | 000,003,031 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\es-es\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,665 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\es-es\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\es-es\swf\loader_web.swf
[2012.12.26 23:04:57 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\fr\Online_Loader.html
[2012.12.26 23:04:53 | 000,003,143 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\fr\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,545 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\fr\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\fr\swf\loader_web.swf
[2012.12.26 23:04:57 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\it\Online_Loader.html
[2012.12.26 23:04:53 | 000,003,186 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\it\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,368 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\it\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\it\swf\loader_web.swf
[2012.12.26 23:04:58 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\ko-kr\Online_Loader.html
[2012.12.26 23:04:53 | 000,003,160 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\ko-kr\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,054 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\ko-kr\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\ko-kr\swf\loader_web.swf
[2012.12.26 23:04:59 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\pt\Online_Loader.html
[2012.12.26 23:04:53 | 000,003,210 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\pt\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,581 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\pt\img\onlineloader_retry.gif
[2012.12.26 23:04:59 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\zh\Online_Loader.html
[2012.12.26 23:04:53 | 000,003,111 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\zh\img\going_online_loader.gif
[2012.12.26 23:04:53 | 000,003,092 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\zh\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\zh\swf\loader_web.swf
[2012.12.26 23:05:00 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\zh-cn\Online_Loader.html
[2012.12.26 23:04:54 | 000,002,778 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\zh-cn\img\going_online_loader.gif
[2012.12.26 23:04:54 | 000,003,219 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\zh-cn\img\onlineloader_retry.gif
[2008.11.10 23:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\Game Console - WildGames\UI\htdocs2\zh-cn\swf\loader_web.swf
[2014.10.27 20:46:44 | 000,057,728 | ---- | M] () -- \Users\Radmila\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2014.10.27 20:46:44 | 000,057,728 | ---- | M] () -- \Users\Radmila\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2014.10.27 20:46:44 | 000,057,728 | ---- | M] () -- \Users\Radmila\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2014.10.27 20:46:44 | 000,057,728 | ---- | M] () -- \Users\Radmila\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2014.10.27 20:46:44 | 000,057,728 | ---- | M] () -- \Users\Radmila\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2014.10.27 20:46:44 | 000,061,770 | ---- | M] () -- \Users\Radmila\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2014.10.27 20:46:44 | 000,061,770 | ---- | M] () -- \Users\Radmila\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2015.07.23 17:09:34 | 000,072,638 | ---- | M] () -- \Users\Radmila\AppData\Local\Skype\Apps\login\images\loader.gif
[2015.07.23 17:09:34 | 000,003,032 | ---- | M] () -- \Users\Radmila\AppData\Local\Skype\Apps\login\images\loader.png
[2015.07.23 17:09:34 | 000,006,012 | ---- | M] () -- \Users\Radmila\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2015.07.23 17:09:34 | 000,021,956 | ---- | M] () -- \Users\Radmila\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2015.07.23 17:09:34 | 000,009,772 | ---- | M] () -- \Users\Radmila\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2013.03.09 09:52:18 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 09:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 05:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013.03.09 09:52:18 | 000,364,168 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 09:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 05:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013.03.09 09:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 09:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 09:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2013.03.09 09:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2015.09.21 20:15:43 | 000,014,874 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER32.EXE-BB2E4DE4.pf
[2015.09.21 20:15:43 | 000,012,550 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER64.EXE-123116A5.pf
[2015.07.22 19:42:39 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[5 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2015.07.22 19:42:39 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[5 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 07:11:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18798_none_6885643192acd650\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 21:16:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_68c745e9927b4528\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 05:20:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_68ba756992852e6b\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_68a6d625929398fb\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 05:06:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18923_none_68cc15ff92788e54\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 20:00:47 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18933_none_68c146139280aa45\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.23 01:52:00 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18939_none_68c747cf927b424f\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 07:05:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23002_none_696a2894ab871300\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 21:10:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_693ce850aba95016\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 07:58:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_6945eaeaaba13425\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:14:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_691e7920abbfd697\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 05:11:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23126_none_69588bcaab93ad65\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 20:05:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23136_none_694dbbdeab9bc956\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.22 23:52:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23142_none_693eeacaaba77feb\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.08.04 20:03:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23153_none_69351b28abaeb533\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.09.10 03:03:53 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_cs-cz_9139241113cd1cfb.manifest
[2015.09.10 03:03:53 | 000,033,216 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_cs-cz_9139241113cd1cfb_winload.efi.mui_35ee487d
[2015.09.10 03:03:53 | 000,034,752 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_cs-cz_9139241113cd1cfb_winload.exe.mui_3bc5b827
[2015.09.10 03:03:53 | 000,031,064 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_cs-cz_9139241113cd1cfb_winresume.efi.mui_f412814e
[2015.09.10 03:03:53 | 000,030,144 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_cs-cz_9139241113cd1cfb_winresume.exe.mui_ff8b5358
[2015.09.10 03:03:53 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18950_none_b91d6f99836a832e.manifest
[2015.09.10 03:03:53 | 000,692,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18950_none_b91d6f99836a832e_winload.efi_75834aa0
[2015.09.10 03:03:53 | 000,619,056 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18950_none_b91d6f99836a832e_winload.exe_75835076
[2015.09.10 03:03:54 | 000,616,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18950_none_b91d6f99836a832e_winresume.efi_85cd069f
[2015.09.10 03:03:54 | 000,532,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18950_none_b91d6f99836a832e_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2015.05.14 20:36:34 | 000,000,616 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2012.01.17 20:35:41 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2015.02.03 06:49:45 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.08.04 21:25:36 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_cs-cz_9139241113cd1cfb.manifest
[2014.12.13 03:57:48 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_cs-cz_9200d0e22cbafea1.manifest
[2015.01.13 00:17:25 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_cs-cz_91e42f042cd18522.manifest
[2015.01.16 08:36:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_91e62f982ccfb7d0.manifest
[2015.01.27 07:32:05 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_cs-cz_91d08fc02cdfefb2.manifest
[2015.02.03 07:30:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_91d591322cdb6e65.manifest
[2015.03.17 08:28:02 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_cs-cz_91faa7482cc099d9.manifest
[2015.04.27 22:33:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_cs-cz_91cd67042ce2d6ef.manifest
[2015.05.25 22:04:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_91aef7d42cf95d70.manifest
[2015.07.15 07:49:58 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_cs-cz_91e90a7e2ccd343e.manifest
[2015.07.15 22:47:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_cs-cz_91de3a922cd5502f.manifest
[2015.07.23 05:58:18 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23142_cs-cz_91cf697e2ce106c4.manifest
[2015.08.04 21:24:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_cs-cz_91c599dc2ce83c0c.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2015.02.03 05:51:30 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2015.08.04 20:26:21 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18950_none_b91d6f99836a832e.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2014.12.12 08:29:00 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_b9e51c6a9c5864d4.manifest
[2015.01.12 05:50:53 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_b9c87a8c9c6eeb55.manifest
[2015.01.16 08:37:02 | 000,005,511 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_b9ca7b209c6d1e03.manifest
[2015.01.27 06:22:06 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_b9b4db489c7d55e5.manifest
[2015.02.03 06:17:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_b9b9dcba9c78d498.manifest
[2015.03.17 07:34:28 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_b9def2d09c5e000c.manifest
[2015.04.27 21:40:54 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_b9b1b28c9c803d22.manifest
[2015.05.25 20:45:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_b993435c9c96c3a3.manifest
[2015.07.15 05:48:43 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23126_none_b9cd56069c6a9a71.manifest
[2015.07.15 20:39:45 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23136_none_b9c2861a9c72b662.manifest
[2015.07.23 03:47:39 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23142_none_b9b3b5069c7e6cf7.manifest
[2015.08.04 20:43:58 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23153_none_b9a9e5649c85a23f.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 06:50:46 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18798_none_0c66c8adda4f651a\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 20:59:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_0ca8aa65da1dd3f2\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 05:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_0c883aa1da3627c5\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 04:47:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18923_none_0cad7a7bda1b1d1e\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 19:44:18 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18933_none_0ca2aa8fda23390f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.22 19:42:39 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18939_none_0ca8ac4bda1dd119\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 06:42:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23002_none_0d4b8d10f329a1ca\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 20:52:26 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_0d1e4cccf34bdee0\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 07:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:00:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_0cffdd9cf3626561\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 04:51:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23126_none_0d39f046f3363c2f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 19:40:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23136_none_0d2f205af33e5820\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.23 01:54:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23142_none_0d204f46f34a0eb5\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.08.04 19:43:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23153_none_0d167fa4f35143fd\api-ms-win-core-libraryloader-l1-1-0.dll

Jaryn74 · #27 Příspěvek od **Jaryn74** » 23 zář 2015 20:08

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2011.02.09 07:38:08 | 000,707,072 | ---- | M] () -- \Program Files (x86)\Common Files\Intel Corporation\WiDiAgent\serializer.dll
[2015.07.28 01:47:54 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.40728.0\System.Runtime.Serialization.dll
[2015.08.13 16:37:27 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.40728.0\System.Runtime.Serialization.ni.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.01.17 20:38:19 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2015.07.28 02:14:44 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.40728.0\System.Runtime.Serialization.dll
[2015.08.13 16:38:05 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.40728.0\System.Runtime.Serialization.ni.dll
[2014.07.11 00:24:01 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.01.17 20:38:19 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.09.01 21:31:07 | 000,032,768 | ---- | M] () -- \Users\Radmila\AppData\Local\HF Designer\{5DE364C4-EB39-49F5-B74F-34B3E92D0F48}\mdbu\Locations!IX_VolumeSerialNumber_Location.ind
[2013.09.01 21:31:07 | 000,008,192 | ---- | M] () -- \Users\Radmila\AppData\Local\HF Designer\{5DE364C4-EB39-49F5-B74F-34B3E92D0F48}\mdbu\Media!IX_VolumeSerialNumber.ind
[2013.07.08 14:43:52 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.10.16 18:11:27 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.16 18:27:38 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
[2014.10.16 18:18:27 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\2a07bf9a29a64827bf06e7853214fc0f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.16 22:23:47 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5015b90fbd31c9ba4fff989b2c79711b\System.Runtime.Serialization.ni.dll
[2015.01.19 20:33:22 | 000,306,176 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a94049de665f1854ea5df1a857b2c68f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2015.01.19 20:33:22 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a94049de665f1854ea5df1a857b2c68f\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2015.01.19 20:35:37 | 002,855,424 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll
[2015.01.19 20:35:37 | 000,000,996 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll.aux
[2015.01.19 20:55:19 | 000,025,600 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\ad0261438ff8f46e093faa717226ebef\System.Xml.Serialization.ni.dll
[2015.01.19 20:55:19 | 000,000,284 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\ad0261438ff8f46e093faa717226ebef\System.Xml.Serialization.ni.dll.aux
[2015.01.25 17:58:30 | 000,366,080 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\769e80c5193dedd5ef90a962c002d15a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2015.01.25 17:58:30 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\769e80c5193dedd5ef90a962c002d15a\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2015.01.31 15:40:51 | 003,597,312 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\cdca00d5c58d31de2503310a31ca096f\System.Runtime.Serialization.ni.dll
[2015.01.31 15:40:51 | 000,000,996 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\cdca00d5c58d31de2503310a31ca096f\System.Runtime.Serialization.ni.dll.aux
[2015.01.31 15:43:05 | 000,027,648 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\85b2d15d965e64489744325c53d91db0\System.Xml.Serialization.ni.dll
[2015.01.31 15:43:05 | 000,000,284 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\85b2d15d965e64489744325c53d91db0\System.Xml.Serialization.ni.dll.aux
[2014.04.12 01:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\6414876250E69FF3395387C6C7F05BEB\4.5.51209\System.Runtime.Serialization.dll.amd64
[2014.04.12 01:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\6414876250E69FF3395387C6C7F05BEB\4.5.51209\System.Runtime.Serialization.dll.x86
[2014.04.12 01:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\6414876250E69FF3395387C6C7F05BEB\4.5.51209\System.Runtime.Serialization.dll_gac_x86
[2014.04.12 01:48:40 | 000,028,000 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.04.12 01:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014.04.12 00:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2014.04.12 00:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2014.04.12 01:48:40 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.04.12 00:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.04.12 00:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2014.04.12 00:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.17 20:38:13 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.07.11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2014.04.12 01:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2014.04.12 00:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2014.04.12 00:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2014.04.12 00:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2014.04.12 00:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2014.04.12 00:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2014.04.12 01:48:40 | 000,028,000 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.04.12 01:48:40 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014.06.24 01:43:09 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.17 20:38:11 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014.07.11 00:24:02 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2014.04.12 01:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2014.04.12 00:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2014.04.12 00:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2014.04.12 00:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2014.04.12 00:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2014.04.12 00:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2014.04.12 00:40:46 | 000,028,000 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.04.12 00:40:46 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[5 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012.01.17 20:38:05 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[5 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2012.01.17 20:38:05 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2012.01.17 20:38:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.01.17 20:38:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_1e468964c1feb99a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.01.17 20:38:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_1ec35795db263fce\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.01.17 20:38:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2012.01.17 20:38:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2012.01.17 20:38:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_bb8e310269277fd7\System.RunTime.Serialization.Resources.dll
[2012.01.17 20:38:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_bc0cffc7824d38b9\System.RunTime.Serialization.Resources.dll
[2012.01.17 20:38:15 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:09 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_a9a7e561157d82e9\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:05 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_92db3ec72f23fc97\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2014.03.09 23:48:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff\System.Runtime.Serialization.dll
[2014.07.11 00:24:02 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2014.03.17 16:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad\System.Runtime.Serialization.dll
[2014.07.08 01:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2014.03.09 23:48:50 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98\System.Runtime.Serialization.dll
[2014.07.11 00:24:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2014.03.17 16:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846\System.Runtime.Serialization.dll
[2014.07.08 01:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d\System.Runtime.Serialization.dll
[2012.01.17 04:22:53 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.01.17 04:22:53 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2012.01.17 20:38:39 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2012.01.17 20:38:39 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2014.07.02 08:30:52 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff.manifest
[2014.07.14 04:24:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2014.07.02 08:30:44 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad.manifest
[2014.07.14 04:13:57 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2014.07.02 08:31:00 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98.manifest
[2014.07.14 04:24:58 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2014.07.02 08:30:53 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846.manifest
[2014.07.14 04:14:06 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2014.07.02 07:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014.07.14 04:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2014.07.02 08:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014.07.14 04:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2012.01.17 20:37:07 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2014.07.02 09:46:46 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43.manifest
[2014.07.14 06:02:27 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2014.07.02 10:08:13 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1.manifest
[2014.07.14 06:06:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2014.07.02 08:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014.07.14 04:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2014.07.02 08:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014.07.14 04:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2014.07.02 07:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014.07.14 04:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2014.07.02 08:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014.07.14 04:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.17 20:38:12 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.08 14:43:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7601.18523_cs-cz_d5997ba9da0ab4d7\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014.07.11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2014.03.17 16:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2012.01.17 20:38:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2014.03.17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2012.01.17 20:38:13 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.17 20:38:13 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_289b33b6f65f7b95\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.17 20:38:13 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_291801e80f8701c9\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.17 20:38:05 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2012.01.17 20:38:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2012.01.17 20:38:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_5f6f957eb0ca0ea1\System.RunTime.Serialization.Resources.dll
[2012.01.17 20:38:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_5fee6443c9efc783\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
[2014.03.17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

Jaryn74 · #28 Příspěvek od **Jaryn74** » 23 zář 2015 20:09

OTL Extras logfile created on: 23.9.2015 20:01:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Radmila\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18015)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,90 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,40% Memory free
7,79 Gb Paging File | 5,77 Gb Available in Paging File | 74,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,88 Gb Total Space | 97,99 Gb Free Space | 22,08% Space Free | Partition Type: NTFS

Computer Name: JAROSLAV | User Name: Radmila | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-198510878-2715960250-1679441269-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0105BFDA-055B-4164-92AF-F55C1117B58B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{023EA812-FD16-4A61-B429-2C6F113B0DA0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{05773E7B-B0BD-4F7C-A86A-996418B4DF0E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{07B5E3CE-367A-42BF-98AD-75BF8B7D3BF4}" = rport=445 | protocol=6 | dir=out | app=system |
"{2F166197-2626-40D5-AC07-388C9FA009DA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{46CEE015-0E28-4033-81CC-D1B138DA6326}" = rport=137 | protocol=17 | dir=out | app=system |
"{623235CB-5C28-4E3B-A459-F962BD2D401D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{627BACDF-F4C7-4084-AA07-9117D1C2F9E3}" = lport=138 | protocol=17 | dir=in | app=system |
"{68D96067-B400-41BC-8BB5-8945E343CC0A}" = lport=445 | protocol=6 | dir=in | app=system |
"{7DEE873F-1753-4363-A825-EE725A27E08F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{904FBD20-BADC-446F-A68B-E3860F37F2A6}" = lport=137 | protocol=17 | dir=in | app=system |
"{B1112813-9C5E-4722-958E-FDF2C7B6DC87}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B19EEEE0-F595-4DB3-99F9-57FA210F8F4A}" = lport=139 | protocol=6 | dir=in | app=system |
"{BBF8CCCD-89E5-4B17-B8DF-11E10EC09433}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C9D11ECF-3553-474A-942A-BC9185C01B34}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CA4E9A11-F701-46D9-947A-C62F947D1C19}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD059AC4-6CC3-4145-A9EE-40DB86993BCA}" = rport=139 | protocol=6 | dir=out | app=system |
"{D5076FEA-30E8-4C71-B0F5-EDF76C58ABDD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E4C5FCFD-95FF-40A8-BE78-A4736DFC5351}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F6C37DEB-3385-460F-8D01-332DCF1AFAF9}" = rport=138 | protocol=17 | dir=out | app=system |
"{F95D6A5F-C375-4BF8-B86C-3515C07ECC34}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE705A5C-24D2-4084-9EB2-947B77390671}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{017E4369-9F5F-4E2C-80D2-CB17A950F9EC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{03E407ED-C1C9-4E21-8DC9-B71CB93DD2C6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{05195319-C573-475E-9BAE-5291F52124F1}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{07ADD5B8-0CFB-4209-8B84-173C4D924A78}" = protocol=17 | dir=in | app=c:\users\radmila\appdata\roaming\dropbox\bin\dropbox.exe |
"{0B6B120B-A245-4C29-BD91-B7A355648A0C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{16ED984E-5166-47EE-851E-F0E21A0B1F11}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{1BFB33D7-D634-4451-BA6E-1292905D1CD2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1EA462A1-D614-40A4-9BBB-8BD544079009}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2B7A17E3-691F-45D2-BA06-4921C7DF3486}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2F294918-69A1-49CF-A82E-EAACF3783D37}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{302F4D9A-4DA4-40A7-B9FA-DE1640F08F02}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{375BA9B7-69C0-4327-B7B6-73C9939A6BAA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{38671F92-031F-4D75-B9E4-20B16E4F1BF4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{448C67D8-6D21-4966-8FE9-FB492C683085}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4AE3001D-DF7C-4532-879A-DDEEF5CD77C5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{56B9DA8A-7D8F-467D-A2C3-51E6934EB046}" = protocol=6 | dir=out | app=system |
"{5E97E0CD-14B5-4BE2-814A-990635ABB186}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{692E148E-2DD7-476E-8B81-BD57A5FE65DA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6CF794E4-26E0-4892-A4D0-B1C9D2402407}" = protocol=6 | dir=in | app=c:\users\radmila\appdata\roaming\dropbox\bin\dropbox.exe |
"{70566AF7-48EB-45F5-8787-B4A1295AE9EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{766A1CDE-3BB4-42E9-9359-92F21D574BC1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8850B6E8-514E-46FF-99F3-7B3879B211E9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A120029B-5C4A-4795-8825-2C2789C9DE85}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A824BAD7-52F0-47D5-BDB6-409FF0690230}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BF5C7B50-1144-4938-A3E5-57DC699F70D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D8764293-4BF7-4EEB-9B92-6E55721F4EB7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DEDFDDB0-88F7-4CE1-A66C-62E8383759DC}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{DFF61D01-A0CC-4B0A-9CB9-C153AAB98211}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E080BE16-BD0D-4A6A-AB20-23A526F9889B}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{EDA1C234-593F-45B0-B638-1749DB816F7A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{24FB1C4F-5248-4525-9088-B7A40DFECC67}C:\program files (x86)\dvdfab media player\fabstreamer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dvdfab media player\fabstreamer.exe |
"TCP Query User{B689638F-F99B-4660-960C-2ACE57747EF8}C:\program files (x86)\dvdfab media player\dvdfabmediaplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dvdfab media player\dvdfabmediaplayer.exe |
"UDP Query User{4BFB5539-6B5B-450E-8CE1-96F68223669F}C:\program files (x86)\dvdfab media player\fabstreamer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dvdfab media player\fabstreamer.exe |
"UDP Query User{CEDD5F87-044D-45EC-8A53-EB1BC3FFCEC7}C:\program files (x86)\dvdfab media player\dvdfabmediaplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dvdfab media player\dvdfabmediaplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0936-000001000000}" = 7-Zip 9.36 (x64 edition)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F86418060F0}" = Java 8 Update 60 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{295AEB79-B53A-4F1B-860F-7800BB7E3681}" = Intel(R) PROSet/Wireless WiFi Software
"{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{306B3D69-E336-4644-9A08-D85A5603D1BE}" = PDF-XChange Editor
"{3ED9A79B-1419-4C5F-BA88-EFD6F180EBE5}" = FileOpen Client (x64) B928
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{860203FC-987D-4429-8A08-8332B21AD90E}" = S Agent
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.2 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C48AF3CF-C632-3C19-838E-7DAB7283D46A}" = Microsoft .NET Framework 4.5.2 (CSY)
"{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1" = PDF-XChange 2012 Pro
"{F9EB0DDE-931C-4E89-96B2-DE8286EDFA6C}" = ExpressCache
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Elantech" = ETDWare PS/2-X64 10.0.7.3_WHQL
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"ProInst" = Intel PROSet Wireless
"ZonerPhotoStudio13_CZ_is1" = Zoner Photo Studio 13

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{12F81925-F3C1-40DB-91F7-777817974319}" = Easy File Share
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5
"{16D80FCD-CE38-47E3-BD08-DA14422F8B95}" = Fast Flash Sleep Resume
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Settings
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83218060F0}" = Java 8 Update 60
"{2eef0fe2-cc4a-47d6-959c-de2d5c2cc40b}" = PDF-XChange Editor
"{331ECF61-69AF-4F57-AC35-AFED610231C3}" = Multimedia POP
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A0549A9-1B96-498C-ACBC-3943001FEB19}" = Skype™ 7.8
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration
"{B750B5C2-CC17-4967-905B-29F4EB986131}" = Software Launcher
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}" = Intel(R) WiDi
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}" = E-POP
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Easy Support Center 1.0
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"3D073343-CEEB-4ce7-85AC-A69A7631B5D6" = Intel(R) Rapid Start Technology
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 19 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 19 NPAPI
"Any Video Converter" = Any Video Converter 5.8.1
"avast" = Avast Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"DVDFab Media Player_is1" = DVDFab Media Player 1.0.2.9 (01/11/2012)
"Game Console - WildGames" = WildTangent ORB Game Console
"Handset WinDriver" = Handset WinDriver 1.02.03.00
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.5.0 (Full)
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 40.0.3 (x86 cs)" = Mozilla Firefox 40.0.3 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"ProInst" = Intel PROSet Wireless
"Revo Uninstaller" = Revo Uninstaller 1.95
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WT085559" = Diner Dash 2 Restaurant Rescue
"WT085567" = Chuzzle Deluxe
"WT085580" = John Deere Drive Green
"WT085581" = Penguins!
"WT085583" = Polar Golfer
"WT085587" = Agatha Christie - Death on the Nile
"WT085597" = Build-a-lot
"WT085618" = Farm Frenzy
"WT085622" = Insaniquarium Deluxe
"WT085663" = Peggle
"WT085669" = Plants vs. Zombies
"WT089285" = Zuma Deluxe
"WT089286" = Bejeweled 2 Deluxe

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-198510878-2715960250-1679441269-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20.9.2015 8:12:07 | Computer Name = Jaroslav | Source = WinMgmt | ID = 10
Description =

Error - 20.9.2015 10:29:33 | Computer Name = Jaroslav | Source = WinMgmt | ID = 10
Description =

Error - 20.9.2015 12:34:28 | Computer Name = Jaroslav | Source = WinMgmt | ID = 10
Description =

Error - 20.9.2015 13:40:38 | Computer Name = Jaroslav | Source = WinMgmt | ID = 10
Description =

Error - 21.9.2015 13:51:09 | Computer Name = Jaroslav | Source = PerfNet | ID = 2004
Description =

Error - 21.9.2015 13:51:30 | Computer Name = Jaroslav | Source = WinMgmt | ID = 10
Description =

Error - 21.9.2015 14:12:04 | Computer Name = Jaroslav | Source = WinMgmt | ID = 10
Description =

Error - 22.9.2015 12:13:54 | Computer Name = Jaroslav | Source = WinMgmt | ID = 10
Description =

Error - 23.9.2015 10:35:59 | Computer Name = Jaroslav | Source = WinMgmt | ID = 10
Description =

Error - 23.9.2015 13:54:07 | Computer Name = Jaroslav | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 19.9.2015 2:59:05 | Computer Name = Jaroslav | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 19.9.2015 2:59:05 | Computer Name = Jaroslav | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 19.9.2015 10:46:17 | Computer Name = Jaroslav | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 19.9.2015 10:46:18 | Computer Name = Jaroslav | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 20.9.2015 1:58:44 | Computer Name = Jaroslav | Source = DCOM | ID = 10010
Description =

Error - 20.9.2015 13:43:09 | Computer Name = Jaroslav | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Microsoft .NET Framework NGEN v4.0.30319_X86
bylo dosaženo časového limitu (30000 ms).

Error - 21.9.2015 13:52:25 | Computer Name = Jaroslav | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Správce identit sítě rovnocenných počítačů
bylo dosaženo časového limitu (30000 ms).

Error - 21.9.2015 13:52:25 | Computer Name = Jaroslav | Source = Service Control Manager | ID = 7000
Description = Služba Správce identit sítě rovnocenných počítačů neuspěla při spuštění
v důsledku následující chyby: %%1053

Error - 21.9.2015 13:52:25 | Computer Name = Jaroslav | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Správce
identit sítě rovnocenných počítačů, která neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 21.9.2015 13:52:25 | Computer Name = Jaroslav | Source = Service Control Manager | ID = 7001
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) závisí na službě
Správce identit sítě rovnocenných počítačů, která neuspěla při spuštění v důsledku
následující chyby: %%1053

< End of report >

#29 Příspěvek od **Márty84** » 24 zář 2015 07:39

Vypnete antivir, at nebrani programu v praci.

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-198510878-2715960250-1679441269-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O15:64bit: - ..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-198510878-2715960250-1679441269-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-198510878-2715960250-1679441269-1000\..Trusted Domains: unmz.cz ([www.csnonlinefirmy] https in Trusted sites)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2015.09.19 07:48:32 | 000,000,948 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.09.19 07:48:33 | 000,000,952 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015.09.21 20:17:29 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[9 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[17 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[18 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[5 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[5 C:\windows\SysWOW64\*.tmp files -> C:\windows\SysWOW64\*.tmp -> ]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Jaryn74 · #30 Příspěvek od **Jaryn74** » 24 zář 2015 18:55

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Radmila
->Temp folder emptied: 23051852 bytes
->Temporary Internet Files folder emptied: 8778862 bytes
->Java cache emptied: 361524 bytes
->FireFox cache emptied: 358336886 bytes
->Flash cache emptied: 1320 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1559839 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 449620 bytes

Total Files Cleaned = 374,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Radmila
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-198510878-2715960250-1679441269-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
File C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_USERS\S-1-5-21-198510878-2715960250-1679441269-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-198510878-2715960250-1679441269-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\unmz.cz\www.csnonlinefirmy\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP275D.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP319A.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP31AA.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4CD9.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6D28.tmp\Narrator.exe deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6D28.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP82F5.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC014.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE3AA.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP11.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1352.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP259C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4B95.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5193.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6354.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6A99.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7D0B.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB1E2.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB7C6.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCF51.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE225.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF49B.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFDF8.tmp\System.Data.Entity.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFDF8.tmp folder deleted successfully.
C:\windows\Installer\MSI259E.tmp deleted successfully.
C:\windows\Installer\MSI29C5.tmp deleted successfully.
C:\windows\Installer\MSI2D8C.tmp deleted successfully.
C:\windows\Installer\MSI302C.tmp deleted successfully.
C:\windows\Installer\MSI3156.tmp deleted successfully.
C:\windows\Installer\MSI34FF.tmp deleted successfully.
C:\windows\Installer\MSI3AEA.tmp deleted successfully.
C:\windows\Installer\MSI3DE.tmp deleted successfully.
C:\windows\Installer\MSI42C8.tmp deleted successfully.
C:\windows\Installer\MSI5CF5.tmp deleted successfully.
C:\windows\Installer\MSI644.tmp deleted successfully.
C:\windows\Installer\MSI6D99.tmp deleted successfully.
C:\windows\Installer\MSIA33D.tmp deleted successfully.
C:\windows\Installer\MSIC486.tmp deleted successfully.
C:\windows\Installer\MSIDC58.tmp deleted successfully.
C:\windows\Installer\MSIE407.tmp deleted successfully.
C:\windows\Installer\MSIE674.tmp deleted successfully.
C:\windows\Installer\MSIF302.tmp deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 09242015_194059

Files\Folders moved on Reboot...
C:\Users\Radmila\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Radmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

VIRY.CZ

Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log

Re: Kontrola log