Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by test (administrator) on HUTCH (29-01-2016 20:37:24)
Running from C:\Users\test\Desktop
Loaded Profiles: test (Available Profiles: test)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Tai Wai Shui Mu) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\ProgramData\dlohn\dlohn.exe
() C:\Program Files\Dripkix\Dripkix.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(tsvr.com) C:\Users\test\AppData\Roaming\TSv\TSvr.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(DotC United Inc) D:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\ProgramData\ohnuze\ohnuze.exe
() C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\jnss6155.tmp
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\hnsx7C94.tmp
() C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\knsb336B.tmp
() C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\snsc5768.tmp
() C:\Users\test\AppData\Local\35B51072-1453676912-E111-A818-DC0EA173A626\qnsj7D7D.tmp
() C:\ProgramData\Zitenop\Zitenop.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Program Files\Dripkix\packages\d854d95b-213a-4357-8590-71bc67fdb0e2\amdide.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(DotC United Inc) D:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
() C:\Program Files (x86)\baidu\ppt.exe
() C:\Users\test\AppData\Local\Viber\Viber.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Feed Notifier\notifier.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(DotC United Inc) D:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
() C:\ProgramData\ohnuze\ohnuze.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\C65A.tmp
() C:\Users\test\AppData\Roaming\Seznam Browser\Seznam.cz.exe
() C:\Users\test\AppData\Roaming\Seznam Browser\Seznam.cz.exe
() C:\Users\test\AppData\Roaming\Seznam Browser\Seznam.cz.exe
() C:\Users\test\AppData\Roaming\Seznam Browser\Seznam.cz.exe
() C:\Users\test\AppData\Roaming\Seznam Browser\Seznam.cz.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2012-01-14] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2012-01-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407296 2015-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-12-27] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-01-14] (Lenovo)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4241512 2012-03-07] (AVAST Software)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EnergyCut] => c:\program files (x86)\lenovo\energycut\energycut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-721941654-2744527999-12510684-1000\...\Run: [GoogleChromeAutoLaunch_1B0E81B795B08FCFC87354BB5741BA8D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.)
HKU\S-1-5-21-721941654-2744527999-12510684-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-30] (IObit)
HKU\S-1-5-21-721941654-2744527999-12510684-1000\...\Run: [apphide] => C:\Program Files (x86)\baidu\ppt.exe [81920 2015-10-21] ()
HKU\S-1-5-21-721941654-2744527999-12510684-1000\...\Run: [Viber] => C:\Users\test\AppData\Local\Viber\Viber.exe [51657424 2015-11-09] ()
HKU\S-1-5-21-721941654-2744527999-12510684-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-721941654-2744527999-12510684-1000\...\MountPoints2: {46ca87fe-3e96-11e1-bb0d-dc0ea173a626} - G:\AutoRunCD.exe
HKU\S-1-5-21-721941654-2744527999-12510684-1000\...\MountPoints2: {72347dc4-65c9-11e1-9ce7-e4d53ddb5633} - F:\LaunchU3.exe -a
HKU\S-1-5-21-721941654-2744527999-12510684-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKU\S-1-5-18\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -update plugin
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
AppInit_DLLs: C:\ProgramData\Zitenop\Flexity.dll => C:\ProgramData\Zitenop\Flexity.dll [805376 2015-12-26] ()
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\ProgramData\Zitenop\Lightfresh.dll => C:\ProgramData\Zitenop\Lightfresh.dll [257536 2015-12-26] ()
AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll [2012-01-14] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-01-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Feed Notifier.lnk [2015-12-13]
ShortcutTarget: Feed Notifier.lnk -> C:\Program Files (x86)\Feed Notifier\notifier.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{64044D7E-9B24-46AF-9C95-C70214869202}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{666EB138-89B9-4E3C-9459-E5202D906ADA}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{CA8337B7-92C6-43AC-8D75-81041728570C}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130946028049947333&GUID=9CCD7523-BA08-4936-9F48-A3775ABDB6F5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130946028049947333&GUID=9CCD7523-BA08-4936-9F48-A3775ABDB6F5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130946028049947333&GUID=9CCD7523-BA08-4936-9F48-A3775ABDB6F5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130946028049947333&GUID=9CCD7523-BA08-4936-9F48-A3775ABDB6F5
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
HKU\S-1-5-21-721941654-2744527999-12510684-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
HKU\S-1-5-21-721941654-2744527999-12510684-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
HKU\S-1-5-21-721941654-2744527999-12510684-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
HKU\S-1-5-21-721941654-2744527999-12510684-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
HKU\S-1-5-21-721941654-2744527999-12510684-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130946028049947333&GUID=9CCD7523-BA08-4936-9F48-A3775ABDB6F5
HKU\S-1-5-21-721941654-2744527999-12510684-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130946028049947333&GUID=9CCD7523-BA08-4936-9F48-A3775ABDB6F5
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {356C663A-29A7-4B26-BB5A-1C70D8F4AB2A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {356C663A-29A7-4B26-BB5A-1C70D8F4AB2A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> DefaultScope {18F9ACFF-FA75-4830-AEF8-CE6B65598CE5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.dalesearch.com/?q={searchTerms}&bab ... 9&tsp=5011
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> {18F9ACFF-FA75-4830-AEF8-CE6B65598CE5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> {53D943B4-F4B8-4035-9026-260DEFD2C4B6} URL = hxxp://search.eshield.com/serp?guid={8C59DF38-2BB6-4F38-B6D8-81C189E3DABE}&action=default_search&k={searchTerms}
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={6F36F090-5E2E-483E-9CD7-6AA50DC1E5CB}&mid=fb5e9410470e47d1819e0d47e7974fd5-80074e026c03b4622231e636b4e29f9bc7663ea2&lang=cs&ds=AVG&pr=pr&d=2012-05-08 20:50:27&v=11.0.0.9&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> {A8885A04-562A-452B-B795-ADE1B3C43D21} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11467
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> {D83A9746-0573-4C41-B746-32EAF5C87A8E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=13043D62-C29A-487F-AC62-399604DD8FAA&apn_sauid=526A3A61-C0D7-4F22-AE24-2B7FF1E2A618
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={CF48EA55-50FF-11E2-9170-DC0EA173A626}
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> {F29BA006-1725-443E-AA40-D919C19925A4} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=668083&p={searchTerms}
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> {FDAE1BA8-D154-4204-B9A8-18198994F6CE} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
SearchScopes: HKU\S-1-5-21-721941654-2744527999-12510684-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-09-21] (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-11-30] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-11-30] (Oracle Corporation)
BHO-x32: IObit Apps Toolbar -> {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -> C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll [2015-11-20] (Spigot, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-12-26] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-12-26] (Oracle Corporation)
Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE64.dll [2015-11-20] (Spigot, Inc.)
Toolbar: HKLM-x32 - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll [2015-11-20] (Spigot, Inc.)
Toolbar: HKU\.DEFAULT -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-29] ()
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-11-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-11-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-29] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-12-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-12-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-721941654-2744527999-12510684-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\test\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\hdiuo2ez.default\extensions\deskCutv2@gmail.com
FF Extension: Newtab - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\hdiuo2ez.default\extensions\deskCutv2@gmail.com [2015-12-02] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://home.sweetim.c ... W7116W7116"
CHR Profile: C:\Users\test\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vocabla - budovat svou slovní zásobu) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdnfmoippfkddcakmbeaglgjcfcfcfmk [2014-12-13]
CHR Extension: (ABA English - Online English Course) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpnkfkmdhgomemhogjdianppfjkaddcc [2014-12-13]
CHR Extension: (eShield) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkmjljdbbgogihjcapfhgkonfmccbffp [2015-12-13]
CHR Extension: (Gmail Offline) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-01-22]
CHR Extension: (Wiki Search.me) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip [2016-01-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-16]
CHR Extension: (BetterCareerSearch) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\iccdakfilccajeijdfklolcafehhoika [2014-12-10] [UpdateUrl: hxxps://updates.mywebsearch.com/updateCrxGeneration1.xml?id=100000482&version=4.67.1.26152&track=S05647&trackRevision=1] <==== ATTENTION
CHR Extension: (Cool Hodin) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2015-10-23]
CHR Extension: (Mapy Google) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Battlefield 3) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pagmklehiaheilihklokljahmoihkjni [2015-01-22]
CHR Extension: (SpeakIt!) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2015-12-25]
CHR Extension: (Gmail) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Camera Extension) - C:\Users\test\AppData\Local\Camera Extension\Component [2016-01-29]
CHR Profile: C:\Users\test\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Ads Removal) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-08-23]
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2014-09-18] [UpdateUrl: hxxp://update.mybrowserbar.com/update/wt/gc/shoppingassistantebay/345987/update.xml] <==== ATTENTION
CHR Extension: (BetterCareerSearch) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iccdakfilccajeijdfklolcafehhoika [2014-08-10] [UpdateUrl: hxxps://updates.mywebsearch.com/updateCrxGeneration1.xml?id=100000482&version=4.67.1.26152&track=S05647&trackRevision=1] <==== ATTENTION
CHR Extension: (Domain Error Assistant) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj [2014-11-20] [UpdateUrl: hxxp://update.mybrowserbar.com/update/wt/gc/errorassistant/update.xml] <==== ATTENTION
CHR Extension: (AccelerateTab) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jgjafhkemfjfgdmjcmhofijphjmaanak [2014-08-21] [UpdateUrl: hxxps://www.instair.net/extensions/instair_spee ... update.xml] <==== ATTENTION
CHR Extension: (Slick Savings) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2014-08-10] [UpdateUrl: hxxp://www.mybrowserbar.com/update/wt/gc/coupons/update.xml] <==== ATTENTION
CHR Extension: (Peněženka Google) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-10]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfndaklgolladniicklehhancnlgocpp [2014-08-10] [UpdateUrl: hxxp://update.mybrowserbar.com/update/wt/gc/shoppingassistantamazon/update.xml] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iccdakfilccajeijdfklolcafehhoika] - C:\Program Files (x86)\BetterCareerSearch_2b Chrome Extension\bar\BetterCareerSearch@mindspark.com.gen1 [2013-05-21]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-08-06]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
S3 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-24] (APN LLC.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [970016 2011-05-12] (Broadcom Corporation.)
R2 dlohn; C:\ProgramData\\dlohn\\dlohn.exe [508416 2016-01-04] () [File not signed]
R2 Dripkix; C:\Program Files\Dripkix\Dripkix.exe [379904 2015-11-12] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 IhPul; C:\Users\test\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MPCProtectService; D:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [349152 2016-01-27] (DotC United Inc)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 ohnuze; C:\ProgramData\\ohnuze\\ohnuze.exe [534016 2015-12-30] () [File not signed]
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2012-01-15] ()
S3 Program Manager; C:\Program Files (x86)\Common Files\ProgramManager\ProgramManager.exe [956136 2015-11-23] (Spigot, Inc.)
R2 pupivyhi; C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\jnss6155.tmp [240640 2015-11-30] () [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-08-10] (Realtek Semiconductor)
R2 ryrojiry; C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\hnsx7C94.tmp [617984 2015-11-30] () [File not signed]
S2 SecureUpdateSvc; C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [2580304 2014-05-28] () <==== ATTENTION
R2 wesypekyzbt; C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\knsb336B.tmp [204800 2016-01-24] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-07-10] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [731824 2016-01-20] (Tai Wai Shui Mu) <==== ATTENTION
R2 xenyduje; C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\snsc5768.tmp [325632 2015-11-30] () [File not signed]
R2 zigipyro; C:\Users\test\AppData\Local\35B51072-1453676912-E111-A818-DC0EA173A626\qnsj7D7D.tmp [158720 2015-12-26] () [File not signed]
R2 Zitenop; C:\ProgramData\\Zitenop\\Zitenop.exe [406016 2015-12-02] () [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [24408 2012-03-07] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [28504 2012-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [69976 2012-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [53080 2012-03-07] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [819032 2012-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [337240 2012-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59224 2012-03-07] (AVAST Software)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-13] (Broadcom Corporation.)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2011-08-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2011-08-04] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2011-08-04] (ESET)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-14] (REALiX(tm))
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-05-03] (Intel Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-01-27] (DotC United Inc)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [File not signed]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-04-18] (Synaptics Incorporated)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [File not signed]
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2014-11-30] (Vimicro Corporation)
S3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-29 20:31 - 2016-01-29 20:31 - 00003270 _____ C:\Windows\System32\Tasks\psv_Tonanlight
2016-01-29 20:31 - 2016-01-29 20:31 - 00003270 _____ C:\Windows\System32\Tasks\psv_TechStrong
2016-01-29 20:31 - 2016-01-29 20:31 - 00003270 _____ C:\Windows\System32\Tasks\psv_BlackDonfind
2016-01-29 20:31 - 2016-01-29 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-01-28 22:23 - 2016-01-28 22:27 - 00077973 _____ C:\Users\test\Desktop\Addition.txt
2016-01-28 22:16 - 2016-01-29 20:37 - 00041763 _____ C:\Users\test\Desktop\FRST.txt
2016-01-28 22:13 - 2016-01-28 22:13 - 00112640 _____ (forum.viry.cz) C:\Users\test\Desktop\FRSTLauncher.exe
2016-01-28 22:11 - 2016-01-29 20:37 - 00000000 ___DC C:\FRST
2016-01-28 22:11 - 2016-01-28 22:09 - 02370560 _____ (Farbar) C:\Users\test\Desktop\FRST64.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00003274 _____ C:\Windows\System32\Tasks\psv_La-Fan
2016-01-28 20:41 - 2016-01-28 20:41 - 00003260 _____ C:\Windows\System32\Tasks\psv_Joyla
2016-01-28 20:41 - 2016-01-28 20:41 - 00003246 _____ C:\Windows\System32\Tasks\psv_Reddax
2016-01-24 23:08 - 2016-01-24 23:08 - 00000000 ____D C:\Users\test\AppData\Local\35B51072-1453676912-E111-A818-DC0EA173A626
2016-01-24 20:31 - 2016-01-24 20:31 - 00003264 _____ C:\Windows\System32\Tasks\psv_JayFind
2016-01-24 20:31 - 2016-01-24 20:31 - 00003258 _____ C:\Windows\System32\Tasks\psv_Dongolux
2016-01-24 20:31 - 2016-01-24 20:31 - 00003248 _____ C:\Windows\System32\Tasks\psv_Freeing
2016-01-23 09:18 - 2016-01-23 09:18 - 00003266 _____ C:\Windows\System32\Tasks\psv_Goodrantouch
2016-01-23 09:18 - 2016-01-23 09:18 - 00003248 _____ C:\Windows\System32\Tasks\psv_Redox
2016-01-20 17:37 - 2016-01-20 17:37 - 00003274 _____ C:\Windows\System32\Tasks\psv_Bigtom
2016-01-20 17:37 - 2016-01-20 17:37 - 00003256 _____ C:\Windows\System32\Tasks\psv_Lazap
2016-01-20 17:37 - 2016-01-20 17:37 - 00003252 _____ C:\Windows\System32\Tasks\psv_Ice-Ity
2016-01-18 20:29 - 2016-01-18 20:29 - 00003278 _____ C:\Windows\System32\Tasks\psv_Phys-Ity
2016-01-18 20:29 - 2016-01-18 20:29 - 00003266 _____ C:\Windows\System32\Tasks\psv_Newdom
2016-01-18 20:29 - 2016-01-18 20:29 - 00003256 _____ C:\Windows\System32\Tasks\psv_PlusAir
2016-01-17 19:59 - 2016-01-17 19:59 - 00003272 _____ C:\Windows\System32\Tasks\psv_Openzap
2016-01-17 19:59 - 2016-01-17 19:59 - 00003258 _____ C:\Windows\System32\Tasks\psv_Blacktax
2016-01-17 19:59 - 2016-01-17 19:59 - 00003254 _____ C:\Windows\System32\Tasks\psv_RedPhase
2016-01-16 21:59 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-16 21:59 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-16 21:59 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-16 21:59 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-16 21:59 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-16 21:59 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-16 21:59 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-16 21:59 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-16 21:59 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-16 21:59 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-16 21:59 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-16 21:59 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-16 21:59 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-16 21:59 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-16 21:59 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-16 21:59 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-16 21:59 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-16 21:59 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-16 21:59 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-16 21:59 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-16 21:59 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-16 21:59 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-16 21:59 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-16 21:59 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-16 21:59 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-16 21:59 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-16 21:59 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-16 21:59 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-16 21:59 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-16 21:59 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-16 21:59 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-16 21:59 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-16 21:59 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-16 21:59 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-16 21:59 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-16 21:59 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-16 21:59 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-16 21:59 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-16 21:59 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-16 21:59 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-16 21:59 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-16 21:59 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-16 21:59 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-16 21:59 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-16 21:59 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-16 21:59 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-16 21:59 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-16 21:59 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-16 21:59 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-16 21:59 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-16 21:59 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-16 21:59 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-16 21:59 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-16 21:58 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-16 21:58 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-16 21:58 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-16 21:58 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-16 21:58 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-16 21:58 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-16 21:58 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-16 21:58 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-16 21:58 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-16 21:58 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-16 21:58 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-16 21:58 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-16 21:58 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-16 21:58 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-16 21:58 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-16 21:58 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-16 21:58 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-16 21:58 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-16 21:58 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-16 21:58 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-16 21:58 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-16 21:58 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-16 21:58 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-16 21:58 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-16 21:58 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-16 21:58 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-16 21:58 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-16 21:58 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-16 21:58 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-16 21:58 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-16 21:58 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-16 21:58 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-16 21:58 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-16 21:58 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-16 21:58 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-16 21:58 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-16 21:58 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-16 21:58 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-16 21:58 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-16 21:58 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-16 21:58 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-16 21:58 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-16 21:58 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-16 21:58 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-16 21:58 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-16 21:58 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-16 21:58 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-16 21:58 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-16 21:58 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-16 21:58 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-16 21:58 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-16 21:58 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-16 21:58 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-16 21:58 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-16 21:58 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-16 21:58 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-16 21:58 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-16 21:58 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-16 21:58 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-16 21:58 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-16 21:58 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-16 21:58 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-16 21:58 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-16 21:58 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-16 21:53 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-16 21:53 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-16 21:53 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-16 21:53 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-16 21:53 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-16 21:53 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-16 21:53 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-16 21:53 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-16 21:53 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-16 21:53 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-16 21:53 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-16 21:53 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-16 21:53 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-16 21:52 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-16 21:52 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-16 21:52 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-16 21:52 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-16 21:52 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-16 21:52 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-16 21:52 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-16 21:52 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-16 21:52 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-16 21:52 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-16 21:52 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-16 21:52 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-16 21:52 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-16 21:52 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-16 21:52 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-16 21:52 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-16 21:52 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-16 21:52 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-16 21:52 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-16 21:52 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-16 21:52 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-16 21:52 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-16 21:52 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-16 21:52 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-16 21:52 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-16 21:52 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-16 21:52 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-16 21:52 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-16 21:52 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-16 21:52 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-16 21:52 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-16 21:52 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-16 21:52 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-16 21:52 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-16 21:52 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-16 21:52 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-16 21:52 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-16 21:52 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-16 21:52 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-16 21:52 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-16 21:52 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-16 21:52 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-16 21:52 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-16 21:52 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-16 21:52 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-16 21:52 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-16 21:52 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-16 21:52 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-16 21:52 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-16 21:52 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-16 21:52 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-16 21:52 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-16 21:52 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-16 21:52 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-16 21:52 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-16 21:52 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-16 21:52 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-16 21:52 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-16 21:52 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-16 21:52 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-12 20:55 - 2016-01-12 20:55 - 00003262 _____ C:\Windows\System32\Tasks\psv_SuperJob
2016-01-12 20:55 - 2016-01-12 20:55 - 00003262 _____ C:\Windows\System32\Tasks\psv_Kayfresh
2016-01-12 20:55 - 2016-01-12 20:55 - 00003262 _____ C:\Windows\System32\Tasks\psv_InchZoostock
2016-01-11 20:49 - 2016-01-11 20:49 - 00003272 _____ C:\Windows\System32\Tasks\psv_Singron
2016-01-11 20:49 - 2016-01-11 20:49 - 00003256 _____ C:\Windows\System32\Tasks\psv_Runis
2016-01-11 20:49 - 2016-01-11 20:49 - 00003250 _____ C:\Windows\System32\Tasks\psv_DanJob
2016-01-10 20:54 - 2016-01-29 20:31 - 00000722 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-01-10 18:00 - 2016-01-10 18:00 - 00000000 ____D C:\Users\test\AppData\Roaming\eCyber
2016-01-09 21:08 - 2016-01-09 21:24 - 00000000 ____D C:\Users\test\Desktop\Zima2016
2016-01-09 20:53 - 2016-01-09 20:53 - 00003276 _____ C:\Windows\System32\Tasks\psv_RoundRedfix
2016-01-09 20:53 - 2016-01-09 20:53 - 00003262 _____ C:\Windows\System32\Tasks\psv_TonApron
2016-01-09 20:53 - 2016-01-09 20:53 - 00003256 _____ C:\Windows\System32\Tasks\psv_Iceflex
2016-01-08 23:14 - 2016-01-09 21:10 - 00000000 ____D C:\Users\test\Desktop\Davídek_zima2016
2016-01-08 23:12 - 2016-01-08 23:12 - 00000000 ____D C:\Users\test\Desktop\Nová složka
2016-01-08 20:42 - 2016-01-08 20:42 - 00003268 _____ C:\Windows\System32\Tasks\psv_White-Fix
2016-01-08 20:42 - 2016-01-08 20:42 - 00003268 _____ C:\Windows\System32\Tasks\psv_VivaTip
2016-01-08 20:42 - 2016-01-08 20:42 - 00003250 _____ C:\Windows\System32\Tasks\psv_Over-Com
2016-01-07 20:26 - 2016-01-07 20:26 - 00003256 _____ C:\Windows\System32\Tasks\psv_Re-Flex
2016-01-07 20:25 - 2016-01-11 23:08 - 00002896 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_test
2016-01-07 20:25 - 2016-01-07 20:25 - 00003538 _____ C:\Windows\System32\Tasks\snp
2016-01-07 20:24 - 2016-01-07 20:24 - 00003260 _____ C:\Windows\System32\Tasks\psv_Domstrong
2016-01-07 20:23 - 2016-01-07 20:23 - 00003274 _____ C:\Windows\System32\Tasks\psv_Blacktouch
2016-01-07 20:23 - 2016-01-07 20:23 - 00003252 _____ C:\Windows\System32\Tasks\psv_Vilacom
2016-01-07 20:23 - 2016-01-07 20:23 - 00003252 _____ C:\Windows\System32\Tasks\psv_Ittip
2016-01-04 20:34 - 2016-01-29 20:31 - 00000000 ____D C:\ProgramData\dlohn
2016-01-04 20:34 - 2016-01-04 20:34 - 00003260 _____ C:\Windows\System32\Tasks\psv_BioZamtex
2016-01-03 20:49 - 2016-01-03 20:49 - 00000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2016-01-03 16:49 - 2016-01-03 16:49 - 00003262 _____ C:\Windows\System32\Tasks\psv_Redfax
2016-01-01 20:42 - 2016-01-01 20:42 - 00000401 _____ C:\Users\test\Desktop\Internet.lnk
2016-01-01 20:40 - 2016-01-01 20:40 - 00003268 _____ C:\Windows\System32\Tasks\psv_Dingtip
2016-01-01 20:40 - 2016-01-01 20:40 - 00003256 _____ C:\Windows\System32\Tasks\psv_Softotcom
2016-01-01 13:46 - 2016-01-27 20:58 - 00060136 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2015-12-31 20:36 - 2015-12-31 20:36 - 00003264 _____ C:\Windows\System32\Tasks\psv_Daltphase
2015-12-31 20:36 - 2015-12-31 20:36 - 00003252 _____ C:\Windows\System32\Tasks\psv_Dingjob
2015-12-30 21:16 - 2016-01-03 21:56 - 00000000 ___DC C:\Program Files (x86)\Elex-tech
2015-12-30 21:16 - 2015-12-30 21:16 - 00000000 ____D C:\Windows\system32\log
2015-12-30 20:47 - 2015-12-30 20:47 - 00003272 _____ C:\Windows\System32\Tasks\psv_Zoomaptough
2015-12-30 20:47 - 2015-12-30 20:47 - 00003272 _____ C:\Windows\System32\Tasks\psv_DentoMatdex
2015-12-30 20:47 - 2015-12-30 20:47 - 00000000 ____D C:\ProgramData\ohnuzes
2015-12-30 20:46 - 2016-01-29 20:31 - 00000000 ____D C:\ProgramData\ohnuze
2015-12-30 20:46 - 2015-12-30 20:46 - 00003262 _____ C:\Windows\System32\Tasks\psv_Double-Dox
2015-12-30 20:45 - 2015-12-30 20:45 - 00003264 _____ C:\Windows\System32\Tasks\psv_Zathair
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-29 20:36 - 2015-10-22 20:24 - 00000000 ____D C:\Users\test\AppData\Local\Seznam.cz
2016-01-29 20:35 - 2015-11-30 22:13 - 00000000 ____D C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626
2016-01-29 20:33 - 2015-12-14 20:43 - 00000000 ___DC C:\Program Files (x86)\WinZipper
2016-01-29 20:33 - 2015-10-17 14:41 - 00000000 ____D C:\Users\test\AppData\Roaming\ViberPC
2016-01-29 20:33 - 2015-02-28 23:40 - 00000000 ____D C:\Users\test\Documents\ViberDownloads
2016-01-29 20:32 - 2015-12-13 13:48 - 00000000 ___DC C:\Program Files (x86)\Feed Notifier
2016-01-29 20:31 - 2015-12-02 20:33 - 00000000 ____D C:\ProgramData\Zitenop
2016-01-29 20:31 - 2013-09-25 16:48 - 00000000 ____D C:\Users\test\AppData\LocalLow\SecurePlugin
2016-01-29 20:31 - 2013-05-17 18:53 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-29 20:31 - 2013-01-30 23:01 - 00000534 _____ C:\Windows\Tasks\Datová skartovačka - $RECYCLER .job
2016-01-29 20:31 - 2012-01-14 13:25 - 00000000 ____D C:\ProgramData\VeriFace
2016-01-29 20:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-28 22:15 - 2015-12-23 15:54 - 00000326 _____ C:\Windows\Tasks\PPTAssistantNotifyTask_test.job
2016-01-28 22:12 - 2015-12-23 15:54 - 00000596 _____ C:\Windows\Tasks\PPTAssistantUpdateTask_test.job
2016-01-28 22:10 - 2013-05-17 18:53 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-28 22:05 - 2009-07-14 05:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-28 22:05 - 2009-07-14 05:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-27 20:40 - 2013-11-21 17:29 - 00000000 ____D C:\ProgramData\ProductData
2016-01-24 23:19 - 2015-12-23 15:54 - 00003574 _____ C:\Windows\System32\Tasks\PPTAssistantUpdateTask_test
2016-01-24 22:33 - 2015-11-30 22:12 - 00000000 ___DC C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626
2016-01-24 20:37 - 2009-07-14 16:18 - 00677826 _____ C:\Windows\system32\perfh005.dat
2016-01-24 20:37 - 2009-07-14 16:18 - 00146712 _____ C:\Windows\system32\perfc005.dat
2016-01-24 20:37 - 2009-07-14 06:13 - 01611912 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-24 20:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-23 09:20 - 2015-12-05 23:15 - 00002253 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-01-23 09:18 - 2015-12-09 21:17 - 00003252 _____ C:\Windows\System32\Tasks\psv_Jayflex
2016-01-23 09:11 - 2015-12-14 20:42 - 00000000 ____D C:\ProgramData\rWdMr
2016-01-23 09:11 - 2015-12-14 20:40 - 00000000 ____D C:\ProgramData\2WdM2
2016-01-21 22:53 - 2013-04-15 20:07 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-20 18:43 - 2012-04-13 19:49 - 00000956 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000Core.job
2016-01-18 20:38 - 2014-12-24 20:25 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-17 19:57 - 2009-07-14 05:45 - 00409696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-17 19:55 - 2014-12-12 20:27 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-17 19:55 - 2014-05-07 19:38 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-17 19:53 - 2013-03-13 22:55 - 00000000 ___DC C:\Program Files\Microsoft Silverlight
2016-01-17 19:53 - 2013-03-13 22:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-17 01:23 - 2013-03-13 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-17 01:21 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2016-01-17 01:19 - 2013-07-12 17:56 - 00000000 ____D C:\Windows\system32\MRT
2016-01-17 01:13 - 2012-01-14 11:46 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-16 23:44 - 2015-10-22 20:23 - 00000000 ____D C:\Users\test\AppData\Roaming\Seznam Browser
2016-01-16 21:36 - 2015-12-23 15:54 - 00000000 ____D C:\Users\test\AppData\Local\PPTAssist
2016-01-16 20:45 - 2015-12-26 21:35 - 00000401 _____ C:\Windows\system32\Internet.lnk
2016-01-11 22:32 - 2015-12-01 11:02 - 00003234 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-01-11 22:32 - 2014-05-03 20:16 - 00002866 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (test)
2016-01-11 21:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-10 21:04 - 2015-09-07 07:34 - 00000000 ____D C:\Users\test\Desktop\Prezentace
2016-01-08 21:18 - 2015-12-05 15:18 - 00000000 ____D C:\ProgramData\Tmp0x0x
2016-01-07 20:27 - 2012-01-14 16:52 - 00001294 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-07 20:26 - 2015-12-02 20:38 - 00003188 _____ C:\Windows\System32\Tasks\snf
2016-01-04 21:23 - 2012-01-18 08:37 - 00000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-04 21:14 - 2014-12-10 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-01 15:12 - 2015-12-26 14:05 - 00000000 ____D C:\ProgramData\3WdM3
2016-01-01 15:11 - 2015-12-28 20:54 - 00000000 ____D C:\ProgramData\HWdMH
2016-01-01 15:11 - 2015-12-25 22:57 - 00000000 ____D C:\ProgramData\gWdMg
2015-12-31 20:45 - 2015-12-06 13:56 - 00000017 _____ C:\Windows\SysWOW64\history.dat
2015-12-30 21:14 - 2015-12-14 20:43 - 00000000 ____D C:\Users\test\AppData\Roaming\WinZipper
2015-12-30 21:02 - 2015-12-29 19:15 - 00000000 ____D C:\ProgramData\6WdM6
2015-12-30 01:19 - 2015-12-29 18:27 - 00524288 ___SH C:\Windows\system32\config\components{a1cec485-ae4f-11e5-b325-e4d53ddb5633}.TMContainer00000000000000000002.regtrans-ms
2015-12-30 01:19 - 2015-12-29 18:27 - 00524288 ___SH C:\Windows\system32\config\components{a1cec485-ae4f-11e5-b325-e4d53ddb5633}.TMContainer00000000000000000001.regtrans-ms
2015-12-30 01:19 - 2015-12-29 18:27 - 00065536 ___SH C:\Windows\system32\config\components{a1cec485-ae4f-11e5-b325-e4d53ddb5633}.TM.blf
==================== Files in the root of some directories =======
2012-01-14 13:45 - 2012-01-14 13:46 - 0008192 _____ () C:\Users\test\AppData\Roaming\records_db
2012-01-15 19:42 - 2012-01-15 19:42 - 0000092 _____ () C:\Users\test\AppData\Local\fusioncache.dat
2012-01-14 11:36 - 2012-01-14 11:36 - 0001500 _____ () C:\Users\test\AppData\Local\PDLSetup.20120114.113657.txt
2012-01-14 11:46 - 2012-01-14 11:46 - 0001521 _____ () C:\Users\test\AppData\Local\PDLSetup.20120114.114632.txt
2012-01-14 11:46 - 2012-01-14 11:46 - 0001263 _____ () C:\Users\test\AppData\Local\PDLSetup.20120114.114636.txt
2012-01-14 11:46 - 2012-01-14 11:46 - 0001265 _____ () C:\Users\test\AppData\Local\PDLSetup.20120114.114659.txt
2012-01-14 12:40 - 2012-01-14 12:40 - 0001542 _____ () C:\Users\test\AppData\Local\PDLSetup.20120114.124051.txt
2012-03-20 23:26 - 2012-03-20 23:26 - 0000017 _____ () C:\Users\test\AppData\Local\resmon.resmoncfg
2015-12-02 21:50 - 2015-12-29 19:15 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
LastRegBack: 2015-12-13 16:34
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.)
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
Zdravím!
Jak je na tom váš oper. systém s legalitou?
Jak je na tom váš oper. systém s legalitou?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
Doufám, že dobře, ntb. jsem zakoupil standardně i se softwarem.Rudy píše:Zdravím!
Jak je na tom váš oper. systém s legalitou?
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
Udělejte následující sken:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
a klikněte na >Prohledat<. Dejte oba logy.CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
Rudy píše:Udělejte následující sken:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
a klikněte na >Prohledat<. Dejte oba logy.CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
A kde jsou ty logy?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
Rudy píše:A kde jsou ty logy?
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
Jestli si hodláte dělat legraci, můžeme to ukončit.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
Rudy píše:Jestli si hodláte dělat legraci, můžeme to ukončit.
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
Hutch píše:Rudy píše:Jestli si hodláte dělat legraci, můžeme to ukončit.
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
Hutch píše:Hutch píše:Rudy píše:Jestli si hodláte dělat legraci, můžeme to ukončit.
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
OTL Extras logfile created on: 30.1.2016 21:19:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Stažený software
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18163)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,95 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 28,37% Memory free
7,89 Gb Paging File | 4,31 Gb Available in Paging File | 54,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 0,67 Gb Free Space | 1,14% Space Free | Partition Type: NTFS
Drive D: | 454,49 Gb Total Space | 105,42 Gb Free Space | 23,19% Space Free | Partition Type: NTFS
Computer Name: HUTCH | User Name: test | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{055C25EE-0042-4CD9-ABD6-624B1B45397D}" = rport=139 | protocol=6 | dir=out | app=system |
"{08BAC1F6-D15A-47F7-B3FB-E112F5F1FB79}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{10704CFE-0DF7-4249-AE35-8D0C7B7E24FE}" = lport=445 | protocol=6 | dir=in | app=system |
"{13CCF8E7-F7B5-47AE-8880-9A510E21ACBD}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{22DE0365-D665-455F-8161-CE641D6F6E6E}" = lport=138 | protocol=17 | dir=in | app=system |
"{23E4DE17-C15E-4C1D-B488-A003FF0EAB63}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2CD6F68E-FFEB-4E66-82A7-1AC165EC57F4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3182FEC5-E5B3-4828-8B06-9C9D0115B48D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A3E1AA0-75D9-4107-A4A9-5DC582BB9D83}" = rport=138 | protocol=17 | dir=out | app=system |
"{3C6CA19E-0B22-4A8F-A02B-5707820A151A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3FC8D82F-1C98-459E-B280-C667EBBE3E46}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{4C55213E-9213-4885-8C76-9EA9B5F6CF40}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4CD83B47-1EE4-466F-8972-A5D4C5FA49F1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{564E7BDA-AEDB-41E9-ABF6-F4DD085F919D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5AB17908-7A1F-480A-BF06-9AF38FEAA686}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{6160E965-A4A2-4957-8C8B-82C7CFAFC316}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{6187E9E5-4CC0-46C8-AD4D-015D6926A3DC}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{6195B575-A697-4725-BE9F-F8982C96D888}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{641F8397-44EB-4B41-90C1-5351BBFA2D18}" = lport=139 | protocol=6 | dir=in | app=system |
"{6534D072-2A75-49DC-83DC-2DF09EA9F1B7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6A646B85-3EA2-4935-81C8-53DD2DBE9258}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{74BAF5BA-E582-4466-990A-ACA8A22263C0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{764C6586-634B-495A-93A3-DA094C84E40D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C277DFD-A843-471D-8328-12B7BAD3E8BE}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{816F3376-5F88-4A0F-B827-11A614464E38}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8BD31403-CB1F-4230-943C-699A199D53A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8FDDED5A-D5E5-47FB-814C-E6368F0CF378}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{9A90672C-D66D-469E-B399-D40AD4536FBC}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{9B7339EA-6677-4E07-8E4D-509DDCCB6661}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{A11D1619-97D8-41E3-9E93-29D8249774F2}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{B0FC3770-1C30-4B2D-BD6F-7C62DA67C0D5}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{B612DF39-F3D5-469D-9AFC-BDAB2C46DAA4}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{BAF8EBEB-E61B-4CFA-B01C-F38FBB9BE0D5}" = rport=445 | protocol=6 | dir=out | app=system |
"{BDAD5BE6-5DDA-4D61-BADD-B939459A7FFF}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{BFD29993-5E7C-4E82-8875-E77EAFE1D4A3}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{CBC9A6A0-FCDA-4475-A8CF-D76498CE350A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CEE71B13-EDDF-4B79-A04E-59EF8ADB97CB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D58DFF93-7916-4D25-8081-EF40B48A2200}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{D7A6496E-43F0-43E2-B200-E7E38E8827F2}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D8C9C312-4481-418E-973D-1D1090BDEE1A}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{E43A6EE6-96F7-4BD2-AA31-478CE5BA1BF9}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{F768E74E-082A-43B7-9E9E-B25EEF4C0E06}" = lport=137 | protocol=17 | dir=in | app=system |
"{FEB9DB9D-DD30-45E8-B564-D2464CD46F97}" = rport=137 | protocol=17 | dir=out | app=system |
"{FF8756BD-DC14-4AC3-85CB-EA01E22E2045}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FD847A-78C7-4BBE-98AD-B57BAE5C11AD}" = dir=out | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe |
"{0204FFF4-0DC7-4004-98B4-9762F892126B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{03D87881-DB04-4671-B511-A6AABE3C0AC0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{07E45A02-A5C8-493A-8F5C-C8B972B41F55}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{08BFB988-7A9A-4EE1-94BF-3E5FFFD3E9DA}" = dir=in | app=c:\program files (x86)\iobit\driver booster\dbdownloader.exe |
"{118BA28B-0608-4A25-ADFA-D2DFC45A2B9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{19D5FCB4-C445-4E90-ADD9-70ECF3ABA21F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1ADB2D14-C941-43C3-917C-2B3B01559FE9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{1B5932AD-8496-4CAD-AB06-7F02AF230D28}" = dir=out | app=c:\program files (x86)\iobit\driver booster\autoupdate.exe |
"{1BE9187F-BAEE-4784-8A4D-DD5165C7C3B4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1C174399-FE8E-4D3D-BE0C-ABD851510D5C}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{1D40A7E5-49E7-44E9-BDDB-F879048394CD}" = dir=in | app=c:\users\test\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{20F794D7-CC9A-4F16-BC3D-BF386D5D133E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{22389F1C-52E8-4A3B-A0B6-3D5D3A0B28CF}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\seabattle.exe |
"{23AE2353-B21B-4AFD-9E3B-CDD3D633C078}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{28EEBA7B-A90A-4F22-A413-BB91DBD8345D}" = dir=in | app=c:\program files (x86)\iobit\driver booster\autoupdate.exe |
"{309412AB-7F6E-4065-A3E1-2E8F252C6D27}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{319740DF-5543-47E9-8224-19787B45C989}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{35243A9D-F66D-4071-8A2F-76B9BE8DB517}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{36D8104B-0CEF-46EE-8F12-73C7881FC74F}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{390DA7B2-A4EE-4722-B18C-643FD08F4B54}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3CEF37DB-3E55-4BD7-9087-498273132B63}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3E7F29F4-2AF1-4F25-B01B-2B76E19BB824}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{446D90CE-42CB-468E-9D0F-10A151429752}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{571D7C10-5B75-4BA0-950A-95AECCD7FD42}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{58DE06F6-F30C-498D-A47D-52F72DB0DC91}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59EDBD9E-6008-4E69-ACE0-BED5A828542A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5D3EC1FF-EBEA-4500-B6D3-7A833687C1D0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5D555FAA-5DA9-4565-A81A-9EA4133F57F4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5E977F3C-3A2B-4FFC-95E0-1A20F501D147}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62BDA2E2-B7DF-45F8-BE97-29348048B23A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7985E4D4-A8F0-4AE4-8A70-8220D020653F}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\checkers.exe |
"{79F996D8-0764-4787-A40F-D8A5B676766D}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\chess.exe |
"{7A6456AD-7B52-47DF-9896-EE5E5B7A0DBB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7C19F24F-BA31-4672-86AF-5B4DFF89F86E}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\tictactoe.exe |
"{7E0B8760-F4F7-4DF7-87DB-489F17CFA785}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{7FF984BC-124A-4A13-A4C4-909E1FAA14A9}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{88C2BC89-41C8-40CB-B8A3-6AC95BDA25CE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{91117447-0F5B-4F1C-927B-54954F392514}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{94CB32DF-2266-4FBE-A8B1-0FD04B65C89B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{9647E681-F072-4E8E-A675-B705556D5005}" = protocol=6 | dir=out | app=system |
"{A842862C-D19D-4AF5-9CDA-E6DA499921AD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B9A3C130-5134-42E5-9166-DD796F40D487}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
"{C44D99EA-B461-4158-9050-E922F6CAE4AB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{C4EDD415-6A23-472A-9C35-84440281166B}" = dir=out | app=c:\program files (x86)\iobit\driver booster\dbdownloader.exe |
"{C6F9B64A-EF33-4474-A538-0A0C3CCE1423}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\backgammon.exe |
"{C8A1FB8F-5E38-4A98-9E68-A18C9471E82A}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{C8BBB3CD-F197-4045-9155-BB33A17889CF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D19380B4-5D49-4FB8-91BF-4037CC68B427}" = dir=in | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe |
"{D8DBBB59-B8E6-434C-BF99-FB2CD9765E10}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DBF981FF-79F3-430F-AE85-B98B2D17CFCD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E01FD139-22E4-4006-BDBA-C0B1C8C5F15C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E0B99877-B5AA-4615-8846-D7ED7692520C}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\easychat.exe |
"{E336D7E9-E8EA-4E8D-B5C3-D26D2B0C57AA}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{E77D33F3-25AF-4665-84AC-1DA0827683A9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F4336BA4-A2A5-405F-A251-7AFBC58FF9C5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F524AA8C-B15D-4204-B8FC-411CF77BBD22}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"TCP Query User{1B1584CF-AF66-476E-B439-494F037CA5F1}D:\hry\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\hry\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{1D450F1B-51E4-4405-8736-E16F3277AD32}D:\hry\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\hry\world_of_tanks\wotlauncher.exe |
"TCP Query User{5ED64028-33FE-4A62-82B1-0E116DB675EF}D:\hry\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\hry\world_of_tanks\worldoftanks.exe |
"TCP Query User{65D57EDF-2B50-4196-9CBA-A7DD754375BA}D:\wot test\worldoftanks.exe" = protocol=6 | dir=in | app=d:\wot test\worldoftanks.exe |
"TCP Query User{677577ED-3586-4524-8774-36F317B8CA48}D:\hry\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\hry\world_of_tanks\wotlauncher.exe |
"TCP Query User{684DD97A-FD99-4DC9-BBD3-E356A7EE0DBF}D:\hry\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\hry\world_of_tanks\worldoftanks.exe |
"UDP Query User{1E002367-A80D-42A6-9E03-D9DFD4884F9E}D:\hry\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\hry\world_of_tanks\worldoftanks.exe |
"UDP Query User{2423D57A-9882-4A77-8B49-F201FE932D3F}D:\hry\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\hry\world_of_tanks\worldoftanks.exe |
"UDP Query User{2A9DB7AA-EF6D-4438-8142-A7DCF874D4EC}D:\hry\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\hry\world_of_tanks\wotlauncher.exe |
"UDP Query User{60BF36B6-7881-41A2-B538-5105B98869CF}D:\wot test\worldoftanks.exe" = protocol=17 | dir=in | app=d:\wot test\worldoftanks.exe |
"UDP Query User{6918D7A2-C8B2-4BD9-B4E6-65B9790176F9}D:\hry\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\hry\world_of_tanks\wotlauncher.exe |
"UDP Query User{8E312410-F4A0-4DD6-99E2-BFD115CD720F}D:\hry\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\hry\activision\call of duty 4 - modern warfare\iw3mp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series" = Canon MG4200 series MP Drivers
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F06417072FF}" = Java 7 Update 72 (64-bit)
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Software Intel(R) PROSet/Wireless WiFi
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}" = iTunes
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{709A2D23-C25E-47B5-9268-CB6FEE648504}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.2 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B255D495-4734-4E9B-B4F5-96702FD4A7B9}" = Podpora aplikací Apple (64bitová)
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 353.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 353.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 352.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.31
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C48AF3CF-C632-3C19-838E-7DAB7283D46A}" = Microsoft .NET Framework 4.5.2 (CSY)
"{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}" = Microsoft Security Client
"{F11D09F7-49D0-487D-87A7-B16D8F1560E9}" = Windows 7 Manager
"{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}" = SRS Control Panel
"CCleaner" = CCleaner
"EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1)
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04995D3C-F1A7-4946-90DE-960DA8EF1ED7}" = CDBurnerXP
"{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}" = SweetPacks bundle uninstaller
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F03217072FF}" = Java 7 Update 72
"{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{44EB6B81-27FD-4A44-9D77-59D72EEAE6C5}" = IObit Apps Toolbar v23.8
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4fcf070a-daac-45e9-a8b0-6850941f7ed8}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{6091F327-2B13-4193-A6F1-4B2271613A74}_is1" = Feed Notifier 2.6
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}" = EnergyCut
"{703E9CCF-0578-4AF0-B1F7-90368CFDC8DD}" = Viber
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7FE25256-B7C1-480D-B736-10A67A833AEA}" = Podpora aplikací Apple (32bitová)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = T-Mobile MF60
"{AC76BA86-0804-1033-1959-001824166751}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = Lenovo EasyCamera
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel(R) Wireless Display
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe Flash Player ActiveX" = Adobe Flash Player 17 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 19 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 18 PPAPI
"BetterCareerSearch_2b Chrome Extension Uninstall" = BetterCareerSearch Toolbar Chrome Extension
"Canon MG4200 series On-screen Manual" = Canon MG4200 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"Clarity recorder" = Clarity recorder
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ELPI elektronický podpis a šifrovanie adresárov_is1" = ELPI verzia 1.6
"Google Chrome" = Google Chrome
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"Lucky Bright" = Lucky Bright
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"PopupProduct" = Body Text Feathering
"ProInst" = Intel PROSet Wireless
"PunkBusterSvc" = PunkBuster Services
"Registrace uživatele zařízení Canon MG4200 series" = Registrace uživatele zařízení Canon MG4200 series
"simplitec POWER SUITE_is1" = KMPFaster
"SoftwareUpdater" = Licence Device
"The KMPlayer" = KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"VeriFace" = VeriFace
"WinZipper" = WinZipper
"WNLT" = IB Updater Service
"ZonerPhotoStudio14_EN_is1" = Zoner Photo Studio 14 FREE
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe
"{5B26FDE6-1F7E-A7B5-41AD-6A7C466D315F}" = Camera Extension
"{e577cb09-2068-44fb-8eed-cfcc1617b010}" = Viber
"PPTAssist" = PPT美化大师
"Seznam Browser" = Prohlížeč Seznam.cz
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 21.1.2016 16:00:44 | Computer Name = Hutch | Source = MsiInstaller | ID = 1024
Description =
Error - 21.1.2016 18:12:17 | Computer Name = Hutch | Source = IMFservice | ID = 0
Description =
Error - 21.1.2016 18:12:17 | Computer Name = Hutch | Source = IMFservice | ID = 0
Description =
Error - 24.1.2016 15:39:52 | Computer Name = Hutch | Source = MsiInstaller | ID = 11714
Description =
Error - 27.1.2016 15:50:07 | Computer Name = Hutch | Source = MsiInstaller | ID = 11328
Description =
Error - 27.1.2016 15:50:10 | Computer Name = Hutch | Source = MsiInstaller | ID = 1024
Description =
Error - 28.1.2016 15:56:19 | Computer Name = Hutch | Source = MsiInstaller | ID = 11714
Description =
Error - 28.1.2016 17:48:40 | Computer Name = Hutch | Source = IMFservice | ID = 0
Description =
Error - 28.1.2016 17:48:41 | Computer Name = Hutch | Source = IMFservice | ID = 0
Description =
Error - 30.1.2016 16:17:00 | Computer Name = Hutch | Source = MsiInstaller | ID = 1024
Description =
[ System Events ]
Error - 28.1.2016 16:00:47 | Computer Name = Hutch | Source = DCOM | ID = 10010
Description =
Error - 28.1.2016 16:01:43 | Computer Name = Hutch | Source = DCOM | ID = 10010
Description =
Error - 28.1.2016 16:03:34 | Computer Name = Hutch | Source = volsnap | ID = 393251
Description = Stínové kopie svazku C: byly přerušeny, protože se nepodařilo zvětšit
úložiště stínové kopie.
Error - 28.1.2016 16:25:42 | Computer Name = Hutch | Source = DCOM | ID = 10010
Description =
Error - 28.1.2016 16:27:19 | Computer Name = Hutch | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.213.4678.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%853 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.12400.0 Kód chyby: 0x80240022 Popis chyby: V daném programu nelze zkontrolovat
aktualizace definic.
Error - 28.1.2016 16:27:19 | Computer Name = Hutch | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.213.4678.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%853 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.12400.0 Kód chyby: 0x80240022 Popis chyby: V daném programu nelze zkontrolovat
aktualizace definic.
Error - 28.1.2016 16:28:12 | Computer Name = Hutch | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.213.4678.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\NETWORK SERVICE Aktuální
verze modulu: Předchozí verze modulu: 1.1.12400.0 Kód chyby: 0x80072ee7 Popis chyby:
Nelze rozpoznat název nebo adresu serveru.
Error - 28.1.2016 16:28:12 | Computer Name = Hutch | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.213.4678.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\NETWORK SERVICE Aktuální
verze modulu: Předchozí verze modulu: 1.1.12400.0 Kód chyby: 0x80072ee7 Popis chyby:
Nelze rozpoznat název nebo adresu serveru.
Error - 29.1.2016 16:21:24 | Computer Name = Hutch | Source = Service Control Manager | ID = 7034
Description = Služba Advanced SystemCare Service 9 byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 30.1.2016 16:57:13 | Computer Name = Hutch | Source = volsnap | ID = 393251
Description = Stínové kopie svazku C: byly přerušeny, protože se nepodařilo zvětšit
úložiště stínové kopie.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Stažený software
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18163)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,95 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 28,37% Memory free
7,89 Gb Paging File | 4,31 Gb Available in Paging File | 54,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 0,67 Gb Free Space | 1,14% Space Free | Partition Type: NTFS
Drive D: | 454,49 Gb Total Space | 105,42 Gb Free Space | 23,19% Space Free | Partition Type: NTFS
Computer Name: HUTCH | User Name: test | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{055C25EE-0042-4CD9-ABD6-624B1B45397D}" = rport=139 | protocol=6 | dir=out | app=system |
"{08BAC1F6-D15A-47F7-B3FB-E112F5F1FB79}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{10704CFE-0DF7-4249-AE35-8D0C7B7E24FE}" = lport=445 | protocol=6 | dir=in | app=system |
"{13CCF8E7-F7B5-47AE-8880-9A510E21ACBD}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{22DE0365-D665-455F-8161-CE641D6F6E6E}" = lport=138 | protocol=17 | dir=in | app=system |
"{23E4DE17-C15E-4C1D-B488-A003FF0EAB63}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2CD6F68E-FFEB-4E66-82A7-1AC165EC57F4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3182FEC5-E5B3-4828-8B06-9C9D0115B48D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A3E1AA0-75D9-4107-A4A9-5DC582BB9D83}" = rport=138 | protocol=17 | dir=out | app=system |
"{3C6CA19E-0B22-4A8F-A02B-5707820A151A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3FC8D82F-1C98-459E-B280-C667EBBE3E46}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{4C55213E-9213-4885-8C76-9EA9B5F6CF40}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4CD83B47-1EE4-466F-8972-A5D4C5FA49F1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{564E7BDA-AEDB-41E9-ABF6-F4DD085F919D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5AB17908-7A1F-480A-BF06-9AF38FEAA686}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{6160E965-A4A2-4957-8C8B-82C7CFAFC316}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{6187E9E5-4CC0-46C8-AD4D-015D6926A3DC}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{6195B575-A697-4725-BE9F-F8982C96D888}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{641F8397-44EB-4B41-90C1-5351BBFA2D18}" = lport=139 | protocol=6 | dir=in | app=system |
"{6534D072-2A75-49DC-83DC-2DF09EA9F1B7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6A646B85-3EA2-4935-81C8-53DD2DBE9258}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{74BAF5BA-E582-4466-990A-ACA8A22263C0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{764C6586-634B-495A-93A3-DA094C84E40D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C277DFD-A843-471D-8328-12B7BAD3E8BE}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{816F3376-5F88-4A0F-B827-11A614464E38}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8BD31403-CB1F-4230-943C-699A199D53A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8FDDED5A-D5E5-47FB-814C-E6368F0CF378}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{9A90672C-D66D-469E-B399-D40AD4536FBC}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{9B7339EA-6677-4E07-8E4D-509DDCCB6661}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{A11D1619-97D8-41E3-9E93-29D8249774F2}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{B0FC3770-1C30-4B2D-BD6F-7C62DA67C0D5}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{B612DF39-F3D5-469D-9AFC-BDAB2C46DAA4}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{BAF8EBEB-E61B-4CFA-B01C-F38FBB9BE0D5}" = rport=445 | protocol=6 | dir=out | app=system |
"{BDAD5BE6-5DDA-4D61-BADD-B939459A7FFF}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{BFD29993-5E7C-4E82-8875-E77EAFE1D4A3}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{CBC9A6A0-FCDA-4475-A8CF-D76498CE350A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CEE71B13-EDDF-4B79-A04E-59EF8ADB97CB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D58DFF93-7916-4D25-8081-EF40B48A2200}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{D7A6496E-43F0-43E2-B200-E7E38E8827F2}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D8C9C312-4481-418E-973D-1D1090BDEE1A}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{E43A6EE6-96F7-4BD2-AA31-478CE5BA1BF9}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{F768E74E-082A-43B7-9E9E-B25EEF4C0E06}" = lport=137 | protocol=17 | dir=in | app=system |
"{FEB9DB9D-DD30-45E8-B564-D2464CD46F97}" = rport=137 | protocol=17 | dir=out | app=system |
"{FF8756BD-DC14-4AC3-85CB-EA01E22E2045}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FD847A-78C7-4BBE-98AD-B57BAE5C11AD}" = dir=out | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe |
"{0204FFF4-0DC7-4004-98B4-9762F892126B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{03D87881-DB04-4671-B511-A6AABE3C0AC0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{07E45A02-A5C8-493A-8F5C-C8B972B41F55}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{08BFB988-7A9A-4EE1-94BF-3E5FFFD3E9DA}" = dir=in | app=c:\program files (x86)\iobit\driver booster\dbdownloader.exe |
"{118BA28B-0608-4A25-ADFA-D2DFC45A2B9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{19D5FCB4-C445-4E90-ADD9-70ECF3ABA21F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1ADB2D14-C941-43C3-917C-2B3B01559FE9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{1B5932AD-8496-4CAD-AB06-7F02AF230D28}" = dir=out | app=c:\program files (x86)\iobit\driver booster\autoupdate.exe |
"{1BE9187F-BAEE-4784-8A4D-DD5165C7C3B4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1C174399-FE8E-4D3D-BE0C-ABD851510D5C}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{1D40A7E5-49E7-44E9-BDDB-F879048394CD}" = dir=in | app=c:\users\test\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{20F794D7-CC9A-4F16-BC3D-BF386D5D133E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{22389F1C-52E8-4A3B-A0B6-3D5D3A0B28CF}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\seabattle.exe |
"{23AE2353-B21B-4AFD-9E3B-CDD3D633C078}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{28EEBA7B-A90A-4F22-A413-BB91DBD8345D}" = dir=in | app=c:\program files (x86)\iobit\driver booster\autoupdate.exe |
"{309412AB-7F6E-4065-A3E1-2E8F252C6D27}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{319740DF-5543-47E9-8224-19787B45C989}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{35243A9D-F66D-4071-8A2F-76B9BE8DB517}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{36D8104B-0CEF-46EE-8F12-73C7881FC74F}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{390DA7B2-A4EE-4722-B18C-643FD08F4B54}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3CEF37DB-3E55-4BD7-9087-498273132B63}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3E7F29F4-2AF1-4F25-B01B-2B76E19BB824}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{446D90CE-42CB-468E-9D0F-10A151429752}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{571D7C10-5B75-4BA0-950A-95AECCD7FD42}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{58DE06F6-F30C-498D-A47D-52F72DB0DC91}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59EDBD9E-6008-4E69-ACE0-BED5A828542A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5D3EC1FF-EBEA-4500-B6D3-7A833687C1D0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5D555FAA-5DA9-4565-A81A-9EA4133F57F4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5E977F3C-3A2B-4FFC-95E0-1A20F501D147}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62BDA2E2-B7DF-45F8-BE97-29348048B23A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7985E4D4-A8F0-4AE4-8A70-8220D020653F}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\checkers.exe |
"{79F996D8-0764-4787-A40F-D8A5B676766D}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\chess.exe |
"{7A6456AD-7B52-47DF-9896-EE5E5B7A0DBB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7C19F24F-BA31-4672-86AF-5B4DFF89F86E}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\tictactoe.exe |
"{7E0B8760-F4F7-4DF7-87DB-489F17CFA785}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{7FF984BC-124A-4A13-A4C4-909E1FAA14A9}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{88C2BC89-41C8-40CB-B8A3-6AC95BDA25CE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{91117447-0F5B-4F1C-927B-54954F392514}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{94CB32DF-2266-4FBE-A8B1-0FD04B65C89B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{9647E681-F072-4E8E-A675-B705556D5005}" = protocol=6 | dir=out | app=system |
"{A842862C-D19D-4AF5-9CDA-E6DA499921AD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B9A3C130-5134-42E5-9166-DD796F40D487}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
"{C44D99EA-B461-4158-9050-E922F6CAE4AB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{C4EDD415-6A23-472A-9C35-84440281166B}" = dir=out | app=c:\program files (x86)\iobit\driver booster\dbdownloader.exe |
"{C6F9B64A-EF33-4474-A538-0A0C3CCE1423}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\backgammon.exe |
"{C8A1FB8F-5E38-4A98-9E68-A18C9471E82A}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{C8BBB3CD-F197-4045-9155-BB33A17889CF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D19380B4-5D49-4FB8-91BF-4037CC68B427}" = dir=in | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe |
"{D8DBBB59-B8E6-434C-BF99-FB2CD9765E10}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DBF981FF-79F3-430F-AE85-B98B2D17CFCD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E01FD139-22E4-4006-BDBA-C0B1C8C5F15C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E0B99877-B5AA-4615-8846-D7ED7692520C}" = dir=in | app=c:\program files\lenovo\bluetooth software\easybits games\easychat.exe |
"{E336D7E9-E8EA-4E8D-B5C3-D26D2B0C57AA}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{E77D33F3-25AF-4665-84AC-1DA0827683A9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F4336BA4-A2A5-405F-A251-7AFBC58FF9C5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F524AA8C-B15D-4204-B8FC-411CF77BBD22}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"TCP Query User{1B1584CF-AF66-476E-B439-494F037CA5F1}D:\hry\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\hry\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{1D450F1B-51E4-4405-8736-E16F3277AD32}D:\hry\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\hry\world_of_tanks\wotlauncher.exe |
"TCP Query User{5ED64028-33FE-4A62-82B1-0E116DB675EF}D:\hry\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\hry\world_of_tanks\worldoftanks.exe |
"TCP Query User{65D57EDF-2B50-4196-9CBA-A7DD754375BA}D:\wot test\worldoftanks.exe" = protocol=6 | dir=in | app=d:\wot test\worldoftanks.exe |
"TCP Query User{677577ED-3586-4524-8774-36F317B8CA48}D:\hry\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\hry\world_of_tanks\wotlauncher.exe |
"TCP Query User{684DD97A-FD99-4DC9-BBD3-E356A7EE0DBF}D:\hry\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\hry\world_of_tanks\worldoftanks.exe |
"UDP Query User{1E002367-A80D-42A6-9E03-D9DFD4884F9E}D:\hry\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\hry\world_of_tanks\worldoftanks.exe |
"UDP Query User{2423D57A-9882-4A77-8B49-F201FE932D3F}D:\hry\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\hry\world_of_tanks\worldoftanks.exe |
"UDP Query User{2A9DB7AA-EF6D-4438-8142-A7DCF874D4EC}D:\hry\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\hry\world_of_tanks\wotlauncher.exe |
"UDP Query User{60BF36B6-7881-41A2-B538-5105B98869CF}D:\wot test\worldoftanks.exe" = protocol=17 | dir=in | app=d:\wot test\worldoftanks.exe |
"UDP Query User{6918D7A2-C8B2-4BD9-B4E6-65B9790176F9}D:\hry\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\hry\world_of_tanks\wotlauncher.exe |
"UDP Query User{8E312410-F4A0-4DD6-99E2-BFD115CD720F}D:\hry\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\hry\activision\call of duty 4 - modern warfare\iw3mp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series" = Canon MG4200 series MP Drivers
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F06417072FF}" = Java 7 Update 72 (64-bit)
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Software Intel(R) PROSet/Wireless WiFi
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}" = iTunes
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{709A2D23-C25E-47B5-9268-CB6FEE648504}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.2 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B255D495-4734-4E9B-B4F5-96702FD4A7B9}" = Podpora aplikací Apple (64bitová)
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 353.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 353.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 352.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.31
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C48AF3CF-C632-3C19-838E-7DAB7283D46A}" = Microsoft .NET Framework 4.5.2 (CSY)
"{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}" = Microsoft Security Client
"{F11D09F7-49D0-487D-87A7-B16D8F1560E9}" = Windows 7 Manager
"{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}" = SRS Control Panel
"CCleaner" = CCleaner
"EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1)
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04995D3C-F1A7-4946-90DE-960DA8EF1ED7}" = CDBurnerXP
"{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}" = SweetPacks bundle uninstaller
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F03217072FF}" = Java 7 Update 72
"{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{44EB6B81-27FD-4A44-9D77-59D72EEAE6C5}" = IObit Apps Toolbar v23.8
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4fcf070a-daac-45e9-a8b0-6850941f7ed8}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{6091F327-2B13-4193-A6F1-4B2271613A74}_is1" = Feed Notifier 2.6
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}" = EnergyCut
"{703E9CCF-0578-4AF0-B1F7-90368CFDC8DD}" = Viber
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7FE25256-B7C1-480D-B736-10A67A833AEA}" = Podpora aplikací Apple (32bitová)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = T-Mobile MF60
"{AC76BA86-0804-1033-1959-001824166751}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = Lenovo EasyCamera
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel(R) Wireless Display
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe Flash Player ActiveX" = Adobe Flash Player 17 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 19 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 18 PPAPI
"BetterCareerSearch_2b Chrome Extension Uninstall" = BetterCareerSearch Toolbar Chrome Extension
"Canon MG4200 series On-screen Manual" = Canon MG4200 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"Clarity recorder" = Clarity recorder
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ELPI elektronický podpis a šifrovanie adresárov_is1" = ELPI verzia 1.6
"Google Chrome" = Google Chrome
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"Lucky Bright" = Lucky Bright
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"PopupProduct" = Body Text Feathering
"ProInst" = Intel PROSet Wireless
"PunkBusterSvc" = PunkBuster Services
"Registrace uživatele zařízení Canon MG4200 series" = Registrace uživatele zařízení Canon MG4200 series
"simplitec POWER SUITE_is1" = KMPFaster
"SoftwareUpdater" = Licence Device
"The KMPlayer" = KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"VeriFace" = VeriFace
"WinZipper" = WinZipper
"WNLT" = IB Updater Service
"ZonerPhotoStudio14_EN_is1" = Zoner Photo Studio 14 FREE
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe
"{5B26FDE6-1F7E-A7B5-41AD-6A7C466D315F}" = Camera Extension
"{e577cb09-2068-44fb-8eed-cfcc1617b010}" = Viber
"PPTAssist" = PPT美化大师
"Seznam Browser" = Prohlížeč Seznam.cz
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 21.1.2016 16:00:44 | Computer Name = Hutch | Source = MsiInstaller | ID = 1024
Description =
Error - 21.1.2016 18:12:17 | Computer Name = Hutch | Source = IMFservice | ID = 0
Description =
Error - 21.1.2016 18:12:17 | Computer Name = Hutch | Source = IMFservice | ID = 0
Description =
Error - 24.1.2016 15:39:52 | Computer Name = Hutch | Source = MsiInstaller | ID = 11714
Description =
Error - 27.1.2016 15:50:07 | Computer Name = Hutch | Source = MsiInstaller | ID = 11328
Description =
Error - 27.1.2016 15:50:10 | Computer Name = Hutch | Source = MsiInstaller | ID = 1024
Description =
Error - 28.1.2016 15:56:19 | Computer Name = Hutch | Source = MsiInstaller | ID = 11714
Description =
Error - 28.1.2016 17:48:40 | Computer Name = Hutch | Source = IMFservice | ID = 0
Description =
Error - 28.1.2016 17:48:41 | Computer Name = Hutch | Source = IMFservice | ID = 0
Description =
Error - 30.1.2016 16:17:00 | Computer Name = Hutch | Source = MsiInstaller | ID = 1024
Description =
[ System Events ]
Error - 28.1.2016 16:00:47 | Computer Name = Hutch | Source = DCOM | ID = 10010
Description =
Error - 28.1.2016 16:01:43 | Computer Name = Hutch | Source = DCOM | ID = 10010
Description =
Error - 28.1.2016 16:03:34 | Computer Name = Hutch | Source = volsnap | ID = 393251
Description = Stínové kopie svazku C: byly přerušeny, protože se nepodařilo zvětšit
úložiště stínové kopie.
Error - 28.1.2016 16:25:42 | Computer Name = Hutch | Source = DCOM | ID = 10010
Description =
Error - 28.1.2016 16:27:19 | Computer Name = Hutch | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.213.4678.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%853 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.12400.0 Kód chyby: 0x80240022 Popis chyby: V daném programu nelze zkontrolovat
aktualizace definic.
Error - 28.1.2016 16:27:19 | Computer Name = Hutch | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.213.4678.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%853 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.12400.0 Kód chyby: 0x80240022 Popis chyby: V daném programu nelze zkontrolovat
aktualizace definic.
Error - 28.1.2016 16:28:12 | Computer Name = Hutch | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.213.4678.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\NETWORK SERVICE Aktuální
verze modulu: Předchozí verze modulu: 1.1.12400.0 Kód chyby: 0x80072ee7 Popis chyby:
Nelze rozpoznat název nebo adresu serveru.
Error - 28.1.2016 16:28:12 | Computer Name = Hutch | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.213.4678.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\NETWORK SERVICE Aktuální
verze modulu: Předchozí verze modulu: 1.1.12400.0 Kód chyby: 0x80072ee7 Popis chyby:
Nelze rozpoznat název nebo adresu serveru.
Error - 29.1.2016 16:21:24 | Computer Name = Hutch | Source = Service Control Manager | ID = 7034
Description = Služba Advanced SystemCare Service 9 byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 30.1.2016 16:57:13 | Computer Name = Hutch | Source = volsnap | ID = 393251
Description = Stínové kopie svazku C: byly přerušeny, protože se nepodařilo zvětšit
úložiště stínové kopie.
< End of report >
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
OTL logfile created on: 30.1.2016 21:19:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Stažený software
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18163)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,95 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 28,37% Memory free
7,89 Gb Paging File | 4,31 Gb Available in Paging File | 54,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 0,67 Gb Free Space | 1,14% Space Free | Partition Type: NTFS
Drive D: | 454,49 Gb Total Space | 105,42 Gb Free Space | 23,19% Space Free | Partition Type: NTFS
Computer Name: HUTCH | User Name: test | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ==========
PRC - [2016.01.30 21:13:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Stažený software\OTL.exe
PRC - [2016.01.29 21:25:22 | 000,273,920 | ---- | M] () -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\knsp9A09.tmp
PRC - [2016.01.27 20:57:36 | 000,166,880 | ---- | M] (DotC United Inc) -- D:\Program Files (x86)\MPC Cleaner\MPCTray.exe
PRC - [2016.01.27 20:57:27 | 000,349,152 | ---- | M] (DotC United Inc) -- D:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
PRC - [2016.01.27 20:57:25 | 000,267,744 | ---- | M] (DotC United Inc) -- D:\Program Files (x86)\MPC Cleaner\MPCNews.exe
PRC - [2016.01.20 04:08:19 | 000,731,824 | ---- | M] (Tai Wai Shui Mu) -- C:\Program Files (x86)\WinZipper\winzipersvc.exe
PRC - [2016.01.13 15:01:36 | 046,373,056 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\Seznam.cz.exe
PRC - [2016.01.12 17:36:02 | 000,748,360 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016.01.04 19:35:06 | 000,508,416 | ---- | M] () -- C:\ProgramData\dlohn\dlohn.exe
PRC - [2015.12.30 20:35:34 | 000,534,016 | ---- | M] () -- C:\ProgramData\ohnuze\ohnuze.exe
PRC - [2015.12.26 09:59:52 | 000,158,720 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1454106713-E111-A818-DC0EA173A626\qnsvF6F.tmp
PRC - [2015.12.08 09:05:54 | 000,580,752 | ---- | M] (tsvr.com) -- C:\Users\test\AppData\Roaming\TSv\TSvr.exe
PRC - [2015.12.05 14:28:09 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
PRC - [2015.12.02 17:40:34 | 000,406,016 | ---- | M] () -- C:\ProgramData\Zitenop\Zitenop.exe
PRC - [2015.12.01 17:00:00 | 000,694,632 | ---- | M] (Zhuhai Kingsoft Office Software Co.,Ltd) -- C:\Users\test\AppData\Local\PPTAssist\ktpcntr.exe
PRC - [2015.11.30 22:13:38 | 000,325,632 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\snsc5768.tmp
PRC - [2015.11.30 22:13:36 | 000,516,608 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\onsc576A.tmp
PRC - [2015.11.30 22:12:42 | 000,617,984 | ---- | M] () -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\hnsx7C94.tmp
PRC - [2015.11.30 22:12:35 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\jnss6155.tmp
PRC - [2015.11.26 08:25:44 | 000,109,897 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\pnsc576B.exe
PRC - [2015.11.09 11:26:08 | 051,657,424 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\Viber.exe
PRC - [2015.10.21 22:09:34 | 000,081,920 | -H-- | M] () -- C:\Program Files (x86)\baidu\ppt.exe
PRC - [2015.09.23 14:31:38 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\Feed Notifier\notifier.exe
PRC - [2015.08.27 01:37:44 | 002,634,872 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015.08.27 01:37:41 | 001,872,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2012.03.28 13:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2012.03.07 00:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.01.14 13:25:25 | 000,329,056 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
PRC - [2007.03.09 19:00:18 | 001,167,360 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
========== Modules (No Company Name) ==========
MOD - [2016.01.30 21:05:21 | 000,011,264 | ---- | M] () -- C:\Users\test\AppData\Local\Temp\nsm281A.tmp\System.dll
MOD - [2016.01.13 15:01:36 | 046,373,056 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\Seznam.cz.exe
MOD - [2016.01.12 17:35:55 | 001,590,088 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
MOD - [2016.01.12 17:35:52 | 000,087,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
MOD - [2015.12.26 21:37:41 | 000,257,536 | ---- | M] () -- C:\ProgramData\Zitenop\Lightfresh.dll
MOD - [2015.11.30 22:22:21 | 000,031,232 | ---- | M] () -- C:\Users\test\AppData\Local\Camera Extension\{72CF7F9B-DC02-991B-E7CB-BC42B9BD5369}\CameraExtension.dll
MOD - [2015.11.30 22:22:21 | 000,010,752 | ---- | M] () -- C:\Users\test\AppData\Local\Camera Extension\{72CF7F9B-DC02-991B-E7CB-BC42B9BD5369}\ftslocf.dll
MOD - [2015.11.30 22:13:36 | 000,516,608 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\onsc576A.tmp
MOD - [2015.11.26 08:25:44 | 000,109,897 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\pnsc576B.exe
MOD - [2015.11.09 11:26:08 | 051,657,424 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\Viber.exe
MOD - [2015.11.09 11:19:32 | 000,389,632 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\imageformats\qsvg.dll
MOD - [2015.11.09 11:19:27 | 000,089,088 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\qfacebook.dll
MOD - [2015.10.21 22:09:34 | 000,081,920 | -H-- | M] () -- C:\Program Files (x86)\baidu\ppt.exe
MOD - [2015.10.05 15:22:16 | 000,073,728 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\libEGL.dll
MOD - [2015.10.05 15:19:14 | 001,481,728 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\libGLESv2.dll
MOD - [2015.09.29 15:34:24 | 000,425,984 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtLocation\declarative_location.dll
MOD - [2015.09.29 15:26:18 | 000,057,856 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtQuick\Layouts\qquicklayoutsplugin.dll
MOD - [2015.09.29 15:25:48 | 000,690,176 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtQuick\Controls\qtquickcontrolsplugin.dll
MOD - [2015.09.29 03:04:28 | 000,184,320 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtMultimedia\declarative_multimedia.dll
MOD - [2015.09.29 03:03:32 | 000,065,024 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtPositioning\declarative_positioning.dll
MOD - [2015.09.29 02:58:25 | 000,044,032 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtQml\StateMachine\qtqmlstatemachine.dll
MOD - [2015.09.29 02:58:23 | 000,012,288 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtQuick\Window.2\windowplugin.dll
MOD - [2015.09.29 02:58:22 | 000,012,288 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtQuick.2\qtquick2plugin.dll
MOD - [2015.09.29 02:58:20 | 000,012,288 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtQml\Models.2\modelsplugin.dll
MOD - [2015.09.29 02:37:50 | 000,010,240 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\libEGL.dll
MOD - [2015.09.29 02:37:49 | 001,601,536 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\libGLESV2.dll
MOD - [2015.09.23 14:31:38 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\Feed Notifier\notifier.exe
MOD - [2015.08.27 01:37:44 | 000,011,896 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2015.07.23 05:06:23 | 000,012,104 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2015.05.15 22:31:47 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
MOD - [2014.11.30 22:21:29 | 000,659,456 | ---- | M] () -- C:\Windows\SysWOW64\vmprp331.ax
MOD - [2014.10.15 19:02:49 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014.10.15 19:00:40 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014.09.13 15:49:17 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2012.01.15 22:00:21 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012.01.14 13:25:24 | 000,013,664 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
MOD - [2010.11.05 02:54:38 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2005.06.24 19:05:02 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Lenovo\EnergyCut\HookLib.dll
========== Services (SafeList) ==========
SRV:64bit: - [2015.12.12 19:02:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.11.12 22:55:26 | 000,379,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Dripkix\Dripkix.exe -- (Dripkix)
SRV:64bit: - [2015.08.23 13:33:19 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015.07.24 05:22:13 | 001,155,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2015.07.24 05:22:11 | 005,544,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2015.04.30 00:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2015.04.30 00:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2014.08.10 13:48:32 | 000,290,520 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE -- (RtkAudioService)
SRV:64bit: - [2013.07.10 22:52:14 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.05.12 16:01:46 | 000,970,016 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011.05.02 14:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011.05.02 14:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011.05.02 14:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016.01.29 21:25:22 | 000,273,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\knsp9A09.tmp -- (pucufecozbt)
SRV - [2016.01.27 20:57:27 | 000,349,152 | ---- | M] (DotC United Inc) [Auto | Running] -- D:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe -- (MPCProtectService)
SRV - [2016.01.20 04:08:19 | 000,731,824 | ---- | M] (Tai Wai Shui Mu) [Auto | Running] -- C:\Program Files (x86)\WinZipper\winzipersvc.exe -- (winzipersvc)
SRV - [2016.01.04 19:35:06 | 000,508,416 | ---- | M] () [Auto | Running] -- C:\ProgramData\\dlohn\\dlohn.exe -- (dlohn)
SRV - [2015.12.30 20:35:34 | 000,534,016 | ---- | M] () [Auto | Running] -- C:\ProgramData\\ohnuze\\ohnuze.exe -- (ohnuze)
SRV - [2015.12.26 09:59:52 | 000,158,720 | ---- | M] () [Auto | Running] -- C:\Users\test\AppData\Local\35B51072-1454106713-E111-A818-DC0EA173A626\qnsvF6F.tmp -- (zigipyro)
SRV - [2015.12.13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015.12.08 09:05:54 | 000,580,752 | ---- | M] (tsvr.com) [Auto | Running] -- C:\Users\test\AppData\Roaming\TSv\TSvr.exe -- (IhPul)
SRV - [2015.12.02 17:40:34 | 000,406,016 | ---- | M] () [Auto | Running] -- C:\ProgramData\\Zitenop\\Zitenop.exe -- (Zitenop)
SRV - [2015.11.30 22:13:38 | 000,325,632 | ---- | M] () [Auto | Running] -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\snsc5768.tmp -- (xenyduje)
SRV - [2015.11.30 22:12:42 | 000,617,984 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\hnsx7C94.tmp -- (ryrojiry)
SRV - [2015.11.30 22:12:35 | 000,240,640 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\jnss6155.tmp -- (pupivyhi)
SRV - [2015.11.23 20:41:28 | 000,956,136 | ---- | M] (Spigot, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ProgramManager\ProgramManager.exe -- (Program Manager)
SRV - [2015.11.20 17:44:02 | 000,955,056 | ---- | M] (Spigot, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2015.11.10 13:48:12 | 002,934,048 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2015.08.27 01:37:41 | 001,872,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.06.24 00:58:10 | 000,165,784 | ---- | M] (APN LLC.) [On_Demand | Stopped] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2014.05.28 15:46:02 | 002,580,304 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
SRV - [2014.04.11 22:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012.12.14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.06.11 10:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.03.28 13:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2012.01.15 08:42:25 | 000,066,872 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016.01.27 20:58:52 | 000,060,136 | ---- | M] (DotC United Inc) [File_System | System | Running] -- C:\Windows\SysNative\drivers\MPCKpt.sys -- (MPCKpt)
DRV:64bit: - [2015.12.04 23:10:12 | 011,531,536 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwsw00.sys -- (NETwNs64)
DRV:64bit: - [2015.12.04 23:09:36 | 000,458,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2015.08.11 05:52:30 | 000,050,472 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2015.07.24 05:22:11 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2015.07.23 05:06:23 | 000,031,376 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2015.06.10 22:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2015.03.04 18:34:52 | 000,124,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014.11.30 22:22:16 | 000,454,416 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014.11.30 22:21:28 | 000,952,832 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm331avs.sys -- (vm331avs)
DRV:64bit: - [2014.05.03 20:21:20 | 000,100,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2014.04.18 20:00:48 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2014.02.17 22:59:51 | 000,176,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2013.07.25 16:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012.12.14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.06.11 10:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.07 00:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.03.07 00:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.03.07 00:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012.03.07 00:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.03.07 00:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.03.07 00:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.03.07 00:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.14 16:43:28 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2012.01.14 16:43:25 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2011.10.28 19:23:56 | 000,398,896 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.08.09 13:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011.08.04 08:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2011.08.04 08:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2011.08.04 08:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2011.05.13 08:01:36 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2011.05.13 08:01:34 | 000,437,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011.05.13 08:01:24 | 000,164,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011.05.13 08:01:24 | 000,150,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011.05.13 08:01:24 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011.05.13 08:01:24 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011.05.10 09:26:40 | 000,137,728 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV:64bit: - [2011.05.10 09:26:40 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2011.05.10 09:26:40 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2011.05.10 09:26:40 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.01 05:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.08.16 17:28:50 | 000,008,320 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmuvcflt.sys -- (vmuvcflt)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2015.01.14 20:03:35 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yoursites123.com/web/?type=d ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.yoursites123.com/web/?type=d ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yoursites123.com/web/?type=d ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.yoursites123.com/web/?type=d ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\..\SearchScopes,DefaultScope = {ielnksrch}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKLM\..\SearchScopes\ielnksrch: "URL" = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
IE - HKU\.DEFAULT\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {356C663A-29A7-4B26-BB5A-1C70D8F4AB2A}
IE - HKU\.DEFAULT\..\SearchScopes\{356C663A-29A7-4B26-BB5A-1C70D8F4AB2A}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {356C663A-29A7-4B26-BB5A-1C70D8F4AB2A}
IE - HKU\S-1-5-18\..\SearchScopes\{356C663A-29A7-4B26-BB5A-1C70D8F4AB2A}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yoursites123.com/web/?type=d ... earchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes,DefaultScope = {18F9ACFF-FA75-4830-AEF8-CE6B65598CE5}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.dalesearch.com/?q={searchTer ... 9&tsp=5011
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{18F9ACFF-FA75-4830-AEF8-CE6B65598CE5}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.yoursites123.com/web/?type=d ... earchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{53D943B4-F4B8-4035-9026-260DEFD2C4B6}: "URL" = http://search.eshield.com/serp?guid={8C ... earchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcer ... DF&pc=MSSE
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={6F36 ... 2012-05-08 20:50:27&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{A8885A04-562A-452B-B795-ADE1B3C43D21}: "URL" = http://search.yahoo.com/search?p={searc ... type=11467
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{D83A9746-0573-4C41-B746-32EAF5C87A8E}: "URL" = http://websearch.ask.com/redirect?clien ... 7FF1E2A618
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 0EA173A626}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{F29BA006-1725-443E-AA40-D919C19925A4}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{FDAE1BA8-D154-4204-B9A8-18198994F6CE}: "URL" = https://search.yahoo.com/search?fr=chr- ... earchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{ielnksrch}: "URL" = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.yoursearching.com/?type=hp&t ... W7116W7116"
FF - prefs.js..keyword.URL: "http://search.eshield.com/serp?guid={8C ... _search&k="
FF - prefs.js..browser.search.defaultenginename: "eShield Safe Web"
FF - prefs.js..browser.startup.homepage: "http://services.eshield.com/general/new ... E3DABE}&i="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.72.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.72.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\test\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\deskCutv2@gmail.com: C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\hdiuo2ez.default\extensions\deskCutv2@gmail.com [2015.12.02 21:49:57 | 000,000,000 | ---D | M]
[2015.12.23 20:52:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\6aicucig.default\extensions
[2015.11.30 22:22:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\6aicucig.default\extensions\1448918575_xpi
[2015.11.30 23:06:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\6aicucig.default\extensions\1448921190_xpi
[2015.12.20 14:32:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\hdiuo2ez.default\extensions
[2015.12.02 21:49:57 | 000,000,000 | ---D | M] ("Newtab") -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\hdiuo2ez.default\extensions\deskCutv2@gmail.com
[2015.12.23 20:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions
[2014.09.25 18:59:45 | 000,000,000 | ---D | M] (AccelerateTab) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\speeddial@instair.net
[2015.11.30 04:03:12 | 000,008,838 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\6aicucig.default\extensions\{1c09e4c9-0906-443a-aa55-b0db4716d743}.xpi
[2012.02.23 22:44:48 | 000,021,707 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\adapter@babylontc.com.xpi
[2012.02.23 22:44:49 | 000,011,148 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\ocr@babylon.com.xpi
[2015.11.30 04:03:12 | 000,008,838 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\{1c09e4c9-0906-443a-aa55-b0db4716d743}.xpi
[2013.05.03 10:01:54 | 000,169,792 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
========== Chrome ==========
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdnfmoippfkddcakmbeaglgjcfcfcfmk\1.1.4_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpnkfkmdhgomemhogjdianppfjkaddcc\3.3_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkmjljdbbgogihjcapfhgkonfmccbffp\1.5_1\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip\1.1.5_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\iccdakfilccajeijdfklolcafehhoika\4.67.1.26152_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce\3.2.2_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.4.1_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pagmklehiaheilihklokljahmoihkjni\1_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak\0.2.987_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE64.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_LENOVO_MICPKEY] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EnergyCut] c:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto File not found
O4 - HKU\.DEFAULT..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun File not found
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto File not found
O4 - HKU\S-1-5-18..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-721941654-2744527999-12510684-1000..\Run: [apphide] C:\Program Files (x86)\baidu\ppt.exe ()
O4 - HKU\S-1-5-21-721941654-2744527999-12510684-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-721941654-2744527999-12510684-1000..\Run: [GoogleChromeAutoLaunch_1B0E81B795B08FCFC87354BB5741BA8D] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-721941654-2744527999-12510684-1000..\Run: [Viber] C:\Users\test\AppData\Local\Viber\Viber.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -update plugin File not found
O4 - HKU\.DEFAULT..\RunOnce: [iCloud] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -update plugin File not found
O4 - HKU\S-1-5-18..\RunOnce: [iCloud] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Feed Notifier.lnk = C:\Program Files (x86)\Feed Notifier\notifier.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleNetIDList = 1
O7 - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NolowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: Translate this web page with Babylon - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8:64bit: - Extra context menu item: Translate with Babylon - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/Action.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Translate this web page with Babylon - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/Action.htm File not found
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{64044D7E-9B24-46AF-9C95-C70214869202}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{666EB138-89B9-4E3C-9459-E5202D906ADA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA8337B7-92C6-43AC-8D75-81041728570C}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\ProgramData\Zitenop\Flexity.dll) - C:\ProgramData\Zitenop\Flexity.dll ()
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\ProgramData\Zitenop\Lightfresh.dll) - C:\ProgramData\Zitenop\Lightfresh.dll ()
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{46ca87fe-3e96-11e1-bb0d-dc0ea173a626}\Shell - "" = AutoRun
O33 - MountPoints2\{46ca87fe-3e96-11e1-bb0d-dc0ea173a626}\Shell\AutoRun\command - "" = G:\AutoRunCD.exe
O33 - MountPoints2\{72347dc4-65c9-11e1-9ce7-e4d53ddb5633}\Shell - "" = AutoRun
O33 - MountPoints2\{72347dc4-65c9-11e1-9ce7-e4d53ddb5633}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.VP80 - vp8vfw.dll File not found
Drivers32: vidc.XVID - xvidvfw.dll File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 90 Days ==========
[2016.01.30 21:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[2016.01.29 22:31:53 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\35B51072-1454106713-E111-A818-DC0EA173A626
[2016.01.29 21:23:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2016.01.29 20:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2016.01.29 20:55:26 | 000,000,000 | ---D | C] -- C:\rsit
[2016.01.28 22:13:17 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\test\Desktop\FRSTLauncher.exe
[2016.01.28 22:11:22 | 000,000,000 | ---D | C] -- C:\FRST
[2016.01.28 22:11:06 | 002,370,560 | ---- | C] (Farbar) -- C:\Users\test\Desktop\FRST64.exe
[2016.01.16 21:59:53 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll
[2016.01.16 21:59:53 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll
[2016.01.16 21:59:53 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll
[2016.01.16 21:59:52 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe
[2016.01.16 21:59:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fixmapi.exe
[2016.01.16 21:59:39 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2016.01.16 21:59:38 | 000,624,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2016.01.16 21:59:37 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2016.01.16 21:59:32 | 001,307,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2adec.dll
[2016.01.16 21:59:31 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2016.01.16 21:59:31 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2016.01.16 21:59:30 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2016.01.16 21:59:30 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2adec.dll
[2016.01.16 21:59:29 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2016.01.16 21:59:29 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2016.01.16 21:59:29 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2016.01.16 21:59:29 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2016.01.16 21:59:28 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2016.01.16 21:59:28 | 000,829,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2016.01.16 21:59:27 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2016.01.16 21:59:27 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2016.01.16 21:59:27 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2016.01.16 21:59:26 | 001,153,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOE.DLL
[2016.01.16 21:59:26 | 001,010,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2016.01.16 21:59:26 | 000,815,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOE.DLL
[2016.01.16 21:59:25 | 001,955,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2016.01.16 21:59:25 | 001,573,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2016.01.16 21:59:25 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2016.01.16 21:59:25 | 000,632,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2016.01.16 21:59:24 | 001,568,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2016.01.16 21:59:24 | 000,740,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2016.01.16 21:59:24 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\COLORCNV.DLL
[2016.01.16 21:59:24 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COLORCNV.DLL
[2016.01.16 21:59:23 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOE.DLL
[2016.01.16 21:59:23 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2016.01.16 21:59:23 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
[2016.01.16 21:59:23 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2016.01.16 21:59:23 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2016.01.16 21:59:21 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFWMAAEC.DLL
[2016.01.16 21:59:21 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSENCD.DLL
[2016.01.16 21:59:21 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2016.01.16 21:59:21 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VIDRESZR.DLL
[2016.01.16 21:59:20 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devenum.dll
[2016.01.16 21:59:19 | 000,653,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2016.01.16 21:59:19 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFWMAAEC.DLL
[2016.01.16 21:59:19 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2016.01.16 21:59:19 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2016.01.16 21:59:19 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RESAMPLEDMO.DLL
[2016.01.16 21:59:19 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MPG4DECD.DLL
[2016.01.16 21:59:19 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP43DECD.DLL
[2016.01.16 21:59:19 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devenum.dll
[2016.01.16 21:59:18 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSENCD.DLL
[2016.01.16 21:59:18 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MPG4DECD.DLL
[2016.01.16 21:59:18 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP43DECD.DLL
[2016.01.16 21:59:18 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP3DMOD.DLL
[2016.01.16 21:59:17 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2016.01.16 21:59:17 | 001,325,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOE.DLL
[2016.01.16 21:59:17 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2016.01.16 21:59:17 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfvdsp.dll
[2016.01.16 21:59:16 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SysFxUI.dll
[2016.01.16 21:59:16 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2016.01.16 21:59:16 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2016.01.16 21:59:15 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2016.01.16 21:59:15 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2016.01.16 21:59:15 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RESAMPLEDMO.DLL
[2016.01.16 21:59:15 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2016.01.16 21:59:15 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VIDRESZR.DLL
[2016.01.16 21:59:14 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2016.01.16 21:59:14 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP3DMOD.DLL
[2016.01.16 21:59:14 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2016.01.16 21:59:14 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfvdsp.dll
[2016.01.16 21:59:14 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2016.01.16 21:59:13 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2016.01.16 21:59:13 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2016.01.16 21:59:13 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2016.01.16 21:59:12 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2016.01.16 21:59:12 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2016.01.16 21:59:11 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2016.01.16 21:59:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksuser.dll
[2016.01.16 21:59:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2016.01.16 21:59:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2016.01.16 21:58:52 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2016.01.16 21:58:51 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2016.01.16 21:58:51 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2016.01.16 21:58:51 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2016.01.16 21:58:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2016.01.16 21:58:51 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2016.01.16 21:58:50 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2016.01.16 21:58:49 | 000,718,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2016.01.16 21:58:49 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2016.01.16 21:58:49 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2016.01.16 21:58:49 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2016.01.16 21:58:46 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2016.01.16 21:58:46 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2016.01.16 21:58:46 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2016.01.16 21:58:46 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2016.01.16 21:58:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2016.01.16 21:58:45 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2016.01.16 21:58:45 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2016.01.16 21:58:45 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016.01.16 21:58:45 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2016.01.16 21:58:44 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2016.01.16 21:58:43 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2016.01.16 21:58:42 | 002,123,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2016.01.16 21:58:42 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2016.01.16 21:58:42 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2016.01.16 21:58:41 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2016.01.16 21:58:41 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2016.01.16 21:58:40 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2016.01.16 21:58:40 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2016.01.16 21:58:39 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2016.01.16 21:58:39 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2016.01.16 21:58:38 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2016.01.16 21:58:38 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2016.01.16 21:58:38 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2016.01.16 21:58:37 | 006,051,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2016.01.16 21:58:37 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2016.01.16 21:58:37 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2016.01.16 21:58:36 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2016.01.16 21:58:35 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2016.01.16 21:58:35 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2016.01.16 21:58:34 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2016.01.16 21:53:31 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2016.01.16 21:53:25 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2016.01.16 21:53:25 | 000,792,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2016.01.16 21:53:24 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2016.01.16 21:53:24 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2016.01.16 21:53:23 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2016.01.16 21:53:21 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2016.01.16 21:53:21 | 000,025,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2016.01.16 21:53:19 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2016.01.16 21:53:01 | 005,572,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2016.01.16 21:53:00 | 001,214,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2016.01.16 21:52:59 | 003,938,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2016.01.16 21:52:58 | 003,993,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2016.01.16 21:52:57 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2016.01.16 21:52:57 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2016.01.16 21:52:55 | 001,461,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2016.01.16 21:52:53 | 001,730,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2016.01.16 21:52:49 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2016.01.16 21:52:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2016.01.16 21:52:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2016.01.16 21:52:45 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2016.01.16 21:52:43 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2016.01.16 21:52:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2016.01.16 21:52:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2016.01.16 21:52:38 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2016.01.16 21:52:37 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2016.01.16 21:52:37 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2016.01.16 21:52:36 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2016.01.16 21:52:34 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2016.01.16 21:52:34 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2016.01.16 21:52:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2016.01.16 21:52:32 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2016.01.16 21:52:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2016.01.16 21:52:29 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2016.01.16 21:52:27 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2016.01.16 21:52:26 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2016.01.16 21:52:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2016.01.16 21:52:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2016.01.16 21:52:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2016.01.16 21:52:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2016.01.16 21:52:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2016.01.16 21:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2016.01.16 21:52:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2016.01.16 21:52:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2016.01.16 21:52:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2016.01.16 21:52:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2016.01.16 21:52:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2016.01.16 21:52:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2016.01.16 21:52:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2016.01.16 21:52:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2016.01.16 21:52:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016.01.16 21:52:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2016.01.16 21:52:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2016.01.16 21:52:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2016.01.16 21:52:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2016.01.16 21:52:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2016.01.16 21:52:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2016.01.16 21:52:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2016.01.16 21:52:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2016.01.16 21:52:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2016.01.16 21:52:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2016.01.16 21:52:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2016.01.16 21:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.16 21:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.16 21:52:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2016.01.16 21:52:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2016.01.16 21:52:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2016.01.16 21:52:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2016.01.16 21:52:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2016.01.16 21:52:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2016.01.16 21:52:15 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2016.01.16 21:52:15 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2016.01.16 21:52:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2016.01.16 21:52:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2016.01.16 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2016.01.16 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2016.01.16 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2016.01.16 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2016.01.16 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2016.01.16 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2016.01.16 21:52:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2016.01.16 21:52:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2016.01.16 21:52:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2016.01.16 21:52:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2016.01.16 21:52:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2016.01.16 21:52:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2016.01.16 21:52:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016.01.16 21:52:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2016.01.16 21:52:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2016.01.16 21:52:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2016.01.16 21:52:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2016.01.16 21:52:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2016.01.16 21:52:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2016.01.16 21:52:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2016.01.16 21:52:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2016.01.16 21:52:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2016.01.16 21:52:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2016.01.16 21:52:07 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2016.01.16 21:52:07 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2016.01.16 21:52:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2016.01.16 21:52:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2016.01.16 21:52:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2016.01.16 21:52:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2016.01.16 21:52:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2016.01.10 18:00:59 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\eCyber
[2016.01.09 21:08:19 | 000,000,000 | ---D | C] -- C:\Users\test\Desktop\Zima2016
[2016.01.08 23:14:01 | 000,000,000 | ---D | C] -- C:\Users\test\Desktop\Davídek_zima2016
[2016.01.08 23:12:17 | 000,000,000 | ---D | C] -- C:\Users\test\Desktop\Nová složka
[2016.01.04 20:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\dlohn
[2016.01.03 20:49:40 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
[2016.01.01 13:46:19 | 000,060,136 | ---- | C] (DotC United Inc) -- C:\Windows\SysNative\drivers\MPCKpt.sys
[2015.12.30 21:16:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log
[2015.12.30 21:16:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elex-tech
[2015.12.30 20:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ohnuzes
[2015.12.30 20:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ohnuze
[2015.12.29 19:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\6WdM6
[2015.12.28 20:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\HWdMH
[2015.12.27 22:53:00 | 001,382,240 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2015.12.27 22:53:00 | 000,873,464 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2015.12.27 22:53:00 | 000,158,704 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2015.12.27 22:53:00 | 000,075,544 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2015.12.27 22:52:58 | 001,121,864 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2015.12.27 22:52:58 | 000,961,848 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2015.12.27 22:52:58 | 000,749,000 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2015.12.27 22:52:56 | 002,997,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2015.12.27 22:52:56 | 002,893,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2015.12.27 22:52:54 | 000,343,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2015.12.27 22:52:53 | 003,271,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2015.12.27 22:52:53 | 000,195,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2015.12.27 22:52:53 | 000,023,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2015.12.27 22:52:52 | 000,689,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2015.12.27 22:52:52 | 000,387,320 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2015.12.27 22:52:52 | 000,214,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2015.12.27 22:52:52 | 000,110,984 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2015.12.27 22:52:52 | 000,088,352 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2015.12.27 22:52:49 | 001,351,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2015.12.27 22:52:48 | 000,321,720 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2015.12.27 22:52:47 | 000,321,720 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2015.12.27 22:52:46 | 002,965,120 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RltkAPO64.dll
[2015.12.27 22:52:44 | 002,028,664 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2015.12.27 22:52:38 | 003,278,408 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2015.12.27 22:52:36 | 001,601,944 | ---- | C] (Conexant Systems Inc.) -- C:\Windows\SysNative\CX64APO.dll
[2015.12.27 22:52:36 | 000,122,328 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2015.12.27 22:52:36 | 000,118,600 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2015.12.27 22:52:35 | 000,574,760 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2015.12.26 23:27:31 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015.12.26 22:20:11 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2015.12.26 14:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\3WdM3
[2015.12.25 22:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\gWdMg
[2015.12.23 21:05:00 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\kingsoft
[2015.12.23 15:54:45 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\PPTAssist
[2015.12.23 15:54:40 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\pptassist
[2015.12.23 15:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\kingsoft
[2015.12.23 15:52:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\baidu
[2015.12.14 20:43:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
[2015.12.14 20:43:04 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\WinZipper
[2015.12.14 20:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZipper
[2015.12.14 20:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\rWdMr
[2015.12.14 20:41:41 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\TSv
[2015.12.14 20:40:12 | 000,000,000 | ---D | C] -- C:\ProgramData\2WdM2
[2015.12.13 13:48:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Feed Notifier
[2015.12.12 23:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
[2015.12.12 23:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\simplitec
[2015.12.12 23:42:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\simplitec
[2015.12.12 23:41:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2015.12.12 23:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\7a44e8de-0f81-0
[2015.12.12 23:28:07 | 000,000,000 | ---D | C] -- C:\ProgramData\7a44e8de-0111-1
[2015.12.10 20:53:48 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\PlutoTV
[2015.12.09 22:02:11 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2015.12.09 22:02:10 | 000,709,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.12.09 22:02:09 | 003,170,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.12.09 22:02:09 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.12.09 22:02:09 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.12.09 22:02:09 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.12.09 22:02:09 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.12.09 22:02:09 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.12.09 22:02:09 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.12.09 22:02:09 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.12.09 22:02:09 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.12.09 22:02:08 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.12.09 22:02:08 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.12.09 22:02:08 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.12.09 22:02:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.12.09 22:02:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.12.09 22:02:01 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
[2015.12.09 22:02:01 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll
[2015.12.09 22:02:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdgeoqw.dll
[2015.12.09 22:02:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDAZEL.DLL
[2015.12.09 22:02:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDAZE.DLL
[2015.12.09 22:02:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDAZE.DLL
[2015.12.09 22:02:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdgeoqw.dll
[2015.12.09 22:02:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDAZEL.DLL
[2015.12.09 22:01:56 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2015.12.09 22:01:54 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2015.12.09 22:01:50 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2015.12.09 22:01:49 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshrm.dll
[2015.12.09 22:01:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshrm.dll
[2015.12.09 22:01:48 | 001,735,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2015.12.09 22:01:48 | 001,242,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2015.12.09 22:01:48 | 000,525,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\catsrvut.dll
[2015.12.09 22:01:48 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\catsrvut.dll
[2015.12.09 21:53:57 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\els.dll
[2015.12.09 21:53:55 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\els.dll
[2015.12.06 13:28:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015.12.05 15:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Tmp0x0x
[2015.12.04 23:10:12 | 011,531,536 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETwsw00.sys
[2015.12.04 23:09:36 | 000,458,960 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\k57nd60a.sys
[2015.12.02 21:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\nWMiniPron
[2015.12.02 21:14:24 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\35B51072-1449090864-E111-A818-DC0EA173A626
[2015.12.02 20:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Zitenops
[2015.12.02 20:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Zitenop
[2015.12.01 11:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
[2015.12.01 10:33:23 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\jnhtnwej.sys
[2015.11.30 23:06:51 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\35B51072-1448924811-E111-A818-DC0EA173A626
[2015.11.30 22:22:21 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\Camera Extension
[2015.11.30 22:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream
[2015.11.30 22:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\Dripkix
[2015.11.30 22:13:30 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626
[2015.11.30 22:12:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626
[2015.11.23 20:41:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Apps Toolbar
[2015.11.23 20:41:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2015.11.22 14:38:56 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\CEF
[2015.11.22 14:02:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2015.11.16 14:54:30 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\Viber
[2015.11.10 21:32:46 | 000,299,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2015.11.10 21:32:46 | 000,251,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcryptprimitives.dll
[2015.11.10 21:31:37 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2015.11.10 21:31:36 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdbinst.exe
[2015.11.10 21:31:36 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdbinst.exe
[2015.11.10 21:31:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimeng.dll
[2015.11.10 21:31:26 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2015.11.10 21:31:26 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2015.11.10 21:31:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jnwmon.dll
[7 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Stažený software
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18163)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,95 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 28,37% Memory free
7,89 Gb Paging File | 4,31 Gb Available in Paging File | 54,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 0,67 Gb Free Space | 1,14% Space Free | Partition Type: NTFS
Drive D: | 454,49 Gb Total Space | 105,42 Gb Free Space | 23,19% Space Free | Partition Type: NTFS
Computer Name: HUTCH | User Name: test | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ==========
PRC - [2016.01.30 21:13:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Stažený software\OTL.exe
PRC - [2016.01.29 21:25:22 | 000,273,920 | ---- | M] () -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\knsp9A09.tmp
PRC - [2016.01.27 20:57:36 | 000,166,880 | ---- | M] (DotC United Inc) -- D:\Program Files (x86)\MPC Cleaner\MPCTray.exe
PRC - [2016.01.27 20:57:27 | 000,349,152 | ---- | M] (DotC United Inc) -- D:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
PRC - [2016.01.27 20:57:25 | 000,267,744 | ---- | M] (DotC United Inc) -- D:\Program Files (x86)\MPC Cleaner\MPCNews.exe
PRC - [2016.01.20 04:08:19 | 000,731,824 | ---- | M] (Tai Wai Shui Mu) -- C:\Program Files (x86)\WinZipper\winzipersvc.exe
PRC - [2016.01.13 15:01:36 | 046,373,056 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\Seznam.cz.exe
PRC - [2016.01.12 17:36:02 | 000,748,360 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016.01.04 19:35:06 | 000,508,416 | ---- | M] () -- C:\ProgramData\dlohn\dlohn.exe
PRC - [2015.12.30 20:35:34 | 000,534,016 | ---- | M] () -- C:\ProgramData\ohnuze\ohnuze.exe
PRC - [2015.12.26 09:59:52 | 000,158,720 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1454106713-E111-A818-DC0EA173A626\qnsvF6F.tmp
PRC - [2015.12.08 09:05:54 | 000,580,752 | ---- | M] (tsvr.com) -- C:\Users\test\AppData\Roaming\TSv\TSvr.exe
PRC - [2015.12.05 14:28:09 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
PRC - [2015.12.02 17:40:34 | 000,406,016 | ---- | M] () -- C:\ProgramData\Zitenop\Zitenop.exe
PRC - [2015.12.01 17:00:00 | 000,694,632 | ---- | M] (Zhuhai Kingsoft Office Software Co.,Ltd) -- C:\Users\test\AppData\Local\PPTAssist\ktpcntr.exe
PRC - [2015.11.30 22:13:38 | 000,325,632 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\snsc5768.tmp
PRC - [2015.11.30 22:13:36 | 000,516,608 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\onsc576A.tmp
PRC - [2015.11.30 22:12:42 | 000,617,984 | ---- | M] () -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\hnsx7C94.tmp
PRC - [2015.11.30 22:12:35 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\jnss6155.tmp
PRC - [2015.11.26 08:25:44 | 000,109,897 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\pnsc576B.exe
PRC - [2015.11.09 11:26:08 | 051,657,424 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\Viber.exe
PRC - [2015.10.21 22:09:34 | 000,081,920 | -H-- | M] () -- C:\Program Files (x86)\baidu\ppt.exe
PRC - [2015.09.23 14:31:38 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\Feed Notifier\notifier.exe
PRC - [2015.08.27 01:37:44 | 002,634,872 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015.08.27 01:37:41 | 001,872,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2012.03.28 13:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2012.03.07 00:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.01.14 13:25:25 | 000,329,056 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
PRC - [2007.03.09 19:00:18 | 001,167,360 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
========== Modules (No Company Name) ==========
MOD - [2016.01.30 21:05:21 | 000,011,264 | ---- | M] () -- C:\Users\test\AppData\Local\Temp\nsm281A.tmp\System.dll
MOD - [2016.01.13 15:01:36 | 046,373,056 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\Seznam.cz.exe
MOD - [2016.01.12 17:35:55 | 001,590,088 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
MOD - [2016.01.12 17:35:52 | 000,087,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
MOD - [2015.12.26 21:37:41 | 000,257,536 | ---- | M] () -- C:\ProgramData\Zitenop\Lightfresh.dll
MOD - [2015.11.30 22:22:21 | 000,031,232 | ---- | M] () -- C:\Users\test\AppData\Local\Camera Extension\{72CF7F9B-DC02-991B-E7CB-BC42B9BD5369}\CameraExtension.dll
MOD - [2015.11.30 22:22:21 | 000,010,752 | ---- | M] () -- C:\Users\test\AppData\Local\Camera Extension\{72CF7F9B-DC02-991B-E7CB-BC42B9BD5369}\ftslocf.dll
MOD - [2015.11.30 22:13:36 | 000,516,608 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\onsc576A.tmp
MOD - [2015.11.26 08:25:44 | 000,109,897 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\pnsc576B.exe
MOD - [2015.11.09 11:26:08 | 051,657,424 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\Viber.exe
MOD - [2015.11.09 11:19:32 | 000,389,632 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\imageformats\qsvg.dll
MOD - [2015.11.09 11:19:27 | 000,089,088 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\qfacebook.dll
MOD - [2015.10.21 22:09:34 | 000,081,920 | -H-- | M] () -- C:\Program Files (x86)\baidu\ppt.exe
MOD - [2015.10.05 15:22:16 | 000,073,728 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\libEGL.dll
MOD - [2015.10.05 15:19:14 | 001,481,728 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\libGLESv2.dll
MOD - [2015.09.29 15:34:24 | 000,425,984 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtLocation\declarative_location.dll
MOD - [2015.09.29 15:26:18 | 000,057,856 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtQuick\Layouts\qquicklayoutsplugin.dll
MOD - [2015.09.29 15:25:48 | 000,690,176 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtQuick\Controls\qtquickcontrolsplugin.dll
MOD - [2015.09.29 03:04:28 | 000,184,320 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtMultimedia\declarative_multimedia.dll
MOD - [2015.09.29 03:03:32 | 000,065,024 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtPositioning\declarative_positioning.dll
MOD - [2015.09.29 02:58:25 | 000,044,032 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtQml\StateMachine\qtqmlstatemachine.dll
MOD - [2015.09.29 02:58:23 | 000,012,288 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtQuick\Window.2\windowplugin.dll
MOD - [2015.09.29 02:58:22 | 000,012,288 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtQuick.2\qtquick2plugin.dll
MOD - [2015.09.29 02:58:20 | 000,012,288 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\QtQml\Models.2\modelsplugin.dll
MOD - [2015.09.29 02:37:50 | 000,010,240 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\libEGL.dll
MOD - [2015.09.29 02:37:49 | 001,601,536 | ---- | M] () -- C:\Users\test\AppData\Local\Viber\libGLESV2.dll
MOD - [2015.09.23 14:31:38 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\Feed Notifier\notifier.exe
MOD - [2015.08.27 01:37:44 | 000,011,896 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2015.07.23 05:06:23 | 000,012,104 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2015.05.15 22:31:47 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
MOD - [2014.11.30 22:21:29 | 000,659,456 | ---- | M] () -- C:\Windows\SysWOW64\vmprp331.ax
MOD - [2014.10.15 19:02:49 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014.10.15 19:00:40 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014.09.13 15:49:17 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2012.01.15 22:00:21 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012.01.14 13:25:24 | 000,013,664 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
MOD - [2010.11.05 02:54:38 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2005.06.24 19:05:02 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Lenovo\EnergyCut\HookLib.dll
========== Services (SafeList) ==========
SRV:64bit: - [2015.12.12 19:02:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.11.12 22:55:26 | 000,379,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Dripkix\Dripkix.exe -- (Dripkix)
SRV:64bit: - [2015.08.23 13:33:19 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015.07.24 05:22:13 | 001,155,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2015.07.24 05:22:11 | 005,544,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2015.04.30 00:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2015.04.30 00:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2014.08.10 13:48:32 | 000,290,520 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE -- (RtkAudioService)
SRV:64bit: - [2013.07.10 22:52:14 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.05.12 16:01:46 | 000,970,016 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011.05.02 14:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011.05.02 14:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011.05.02 14:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016.01.29 21:25:22 | 000,273,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\knsp9A09.tmp -- (pucufecozbt)
SRV - [2016.01.27 20:57:27 | 000,349,152 | ---- | M] (DotC United Inc) [Auto | Running] -- D:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe -- (MPCProtectService)
SRV - [2016.01.20 04:08:19 | 000,731,824 | ---- | M] (Tai Wai Shui Mu) [Auto | Running] -- C:\Program Files (x86)\WinZipper\winzipersvc.exe -- (winzipersvc)
SRV - [2016.01.04 19:35:06 | 000,508,416 | ---- | M] () [Auto | Running] -- C:\ProgramData\\dlohn\\dlohn.exe -- (dlohn)
SRV - [2015.12.30 20:35:34 | 000,534,016 | ---- | M] () [Auto | Running] -- C:\ProgramData\\ohnuze\\ohnuze.exe -- (ohnuze)
SRV - [2015.12.26 09:59:52 | 000,158,720 | ---- | M] () [Auto | Running] -- C:\Users\test\AppData\Local\35B51072-1454106713-E111-A818-DC0EA173A626\qnsvF6F.tmp -- (zigipyro)
SRV - [2015.12.13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015.12.08 09:05:54 | 000,580,752 | ---- | M] (tsvr.com) [Auto | Running] -- C:\Users\test\AppData\Roaming\TSv\TSvr.exe -- (IhPul)
SRV - [2015.12.02 17:40:34 | 000,406,016 | ---- | M] () [Auto | Running] -- C:\ProgramData\\Zitenop\\Zitenop.exe -- (Zitenop)
SRV - [2015.11.30 22:13:38 | 000,325,632 | ---- | M] () [Auto | Running] -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\snsc5768.tmp -- (xenyduje)
SRV - [2015.11.30 22:12:42 | 000,617,984 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\hnsx7C94.tmp -- (ryrojiry)
SRV - [2015.11.30 22:12:35 | 000,240,640 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\jnss6155.tmp -- (pupivyhi)
SRV - [2015.11.23 20:41:28 | 000,956,136 | ---- | M] (Spigot, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ProgramManager\ProgramManager.exe -- (Program Manager)
SRV - [2015.11.20 17:44:02 | 000,955,056 | ---- | M] (Spigot, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2015.11.10 13:48:12 | 002,934,048 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2015.08.27 01:37:41 | 001,872,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.06.24 00:58:10 | 000,165,784 | ---- | M] (APN LLC.) [On_Demand | Stopped] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2014.05.28 15:46:02 | 002,580,304 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
SRV - [2014.04.11 22:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012.12.14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.06.11 10:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.03.28 13:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2012.01.15 08:42:25 | 000,066,872 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016.01.27 20:58:52 | 000,060,136 | ---- | M] (DotC United Inc) [File_System | System | Running] -- C:\Windows\SysNative\drivers\MPCKpt.sys -- (MPCKpt)
DRV:64bit: - [2015.12.04 23:10:12 | 011,531,536 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwsw00.sys -- (NETwNs64)
DRV:64bit: - [2015.12.04 23:09:36 | 000,458,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2015.08.11 05:52:30 | 000,050,472 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2015.07.24 05:22:11 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2015.07.23 05:06:23 | 000,031,376 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2015.06.10 22:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2015.03.04 18:34:52 | 000,124,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014.11.30 22:22:16 | 000,454,416 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014.11.30 22:21:28 | 000,952,832 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm331avs.sys -- (vm331avs)
DRV:64bit: - [2014.05.03 20:21:20 | 000,100,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2014.04.18 20:00:48 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2014.02.17 22:59:51 | 000,176,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2013.07.25 16:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012.12.14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.06.11 10:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.07 00:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.03.07 00:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.03.07 00:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012.03.07 00:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.03.07 00:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.03.07 00:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.03.07 00:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.14 16:43:28 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2012.01.14 16:43:25 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2011.10.28 19:23:56 | 000,398,896 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.08.09 13:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011.08.04 08:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2011.08.04 08:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2011.08.04 08:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2011.05.13 08:01:36 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2011.05.13 08:01:34 | 000,437,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011.05.13 08:01:24 | 000,164,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011.05.13 08:01:24 | 000,150,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011.05.13 08:01:24 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011.05.13 08:01:24 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011.05.10 09:26:40 | 000,137,728 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV:64bit: - [2011.05.10 09:26:40 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2011.05.10 09:26:40 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2011.05.10 09:26:40 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.01 05:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.08.16 17:28:50 | 000,008,320 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmuvcflt.sys -- (vmuvcflt)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2015.01.14 20:03:35 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yoursites123.com/web/?type=d ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.yoursites123.com/web/?type=d ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yoursites123.com/web/?type=d ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.yoursites123.com/web/?type=d ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\..\SearchScopes,DefaultScope = {ielnksrch}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKLM\..\SearchScopes\ielnksrch: "URL" = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
IE - HKU\.DEFAULT\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {356C663A-29A7-4B26-BB5A-1C70D8F4AB2A}
IE - HKU\.DEFAULT\..\SearchScopes\{356C663A-29A7-4B26-BB5A-1C70D8F4AB2A}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {356C663A-29A7-4B26-BB5A-1C70D8F4AB2A}
IE - HKU\S-1-5-18\..\SearchScopes\{356C663A-29A7-4B26-BB5A-1C70D8F4AB2A}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yoursites123.com/web/?type=d ... earchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes,DefaultScope = {18F9ACFF-FA75-4830-AEF8-CE6B65598CE5}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.dalesearch.com/?q={searchTer ... 9&tsp=5011
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{18F9ACFF-FA75-4830-AEF8-CE6B65598CE5}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.yoursites123.com/web/?type=d ... earchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{53D943B4-F4B8-4035-9026-260DEFD2C4B6}: "URL" = http://search.eshield.com/serp?guid={8C ... earchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcer ... DF&pc=MSSE
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={6F36 ... 2012-05-08 20:50:27&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{A8885A04-562A-452B-B795-ADE1B3C43D21}: "URL" = http://search.yahoo.com/search?p={searc ... type=11467
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{D83A9746-0573-4C41-B746-32EAF5C87A8E}: "URL" = http://websearch.ask.com/redirect?clien ... 7FF1E2A618
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 0EA173A626}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{F29BA006-1725-443E-AA40-D919C19925A4}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{FDAE1BA8-D154-4204-B9A8-18198994F6CE}: "URL" = https://search.yahoo.com/search?fr=chr- ... earchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{ielnksrch}: "URL" = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyucr_RRfpjzIC4jzU2Bn38fxswmdH7ZWjb5YPEBFP3Lr80KVX1IHnre-os1J5aQ3_abkrR41thdizjVpS_vQAKhBlz1EcPd0PlHg7n11MpQhM3DWU-1egyu3AmIlz8yJfrK6wN5ROinFZh8mg,,&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.yoursearching.com/?type=hp&t ... W7116W7116"
FF - prefs.js..keyword.URL: "http://search.eshield.com/serp?guid={8C ... _search&k="
FF - prefs.js..browser.search.defaultenginename: "eShield Safe Web"
FF - prefs.js..browser.startup.homepage: "http://services.eshield.com/general/new ... E3DABE}&i="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.72.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.72.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\test\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\deskCutv2@gmail.com: C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\hdiuo2ez.default\extensions\deskCutv2@gmail.com [2015.12.02 21:49:57 | 000,000,000 | ---D | M]
[2015.12.23 20:52:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\6aicucig.default\extensions
[2015.11.30 22:22:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\6aicucig.default\extensions\1448918575_xpi
[2015.11.30 23:06:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\6aicucig.default\extensions\1448921190_xpi
[2015.12.20 14:32:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\hdiuo2ez.default\extensions
[2015.12.02 21:49:57 | 000,000,000 | ---D | M] ("Newtab") -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\hdiuo2ez.default\extensions\deskCutv2@gmail.com
[2015.12.23 20:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions
[2014.09.25 18:59:45 | 000,000,000 | ---D | M] (AccelerateTab) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\speeddial@instair.net
[2015.11.30 04:03:12 | 000,008,838 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\6aicucig.default\extensions\{1c09e4c9-0906-443a-aa55-b0db4716d743}.xpi
[2012.02.23 22:44:48 | 000,021,707 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\adapter@babylontc.com.xpi
[2012.02.23 22:44:49 | 000,011,148 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\ocr@babylon.com.xpi
[2015.11.30 04:03:12 | 000,008,838 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\{1c09e4c9-0906-443a-aa55-b0db4716d743}.xpi
[2013.05.03 10:01:54 | 000,169,792 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
========== Chrome ==========
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdnfmoippfkddcakmbeaglgjcfcfcfmk\1.1.4_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpnkfkmdhgomemhogjdianppfjkaddcc\3.3_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkmjljdbbgogihjcapfhgkonfmccbffp\1.5_1\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip\1.1.5_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\iccdakfilccajeijdfklolcafehhoika\4.67.1.26152_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce\3.2.2_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.4.1_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pagmklehiaheilihklokljahmoihkjni\1_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak\0.2.987_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE64.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_LENOVO_MICPKEY] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EnergyCut] c:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto File not found
O4 - HKU\.DEFAULT..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun File not found
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto File not found
O4 - HKU\S-1-5-18..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-721941654-2744527999-12510684-1000..\Run: [apphide] C:\Program Files (x86)\baidu\ppt.exe ()
O4 - HKU\S-1-5-21-721941654-2744527999-12510684-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-721941654-2744527999-12510684-1000..\Run: [GoogleChromeAutoLaunch_1B0E81B795B08FCFC87354BB5741BA8D] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-721941654-2744527999-12510684-1000..\Run: [Viber] C:\Users\test\AppData\Local\Viber\Viber.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -update plugin File not found
O4 - HKU\.DEFAULT..\RunOnce: [iCloud] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -update plugin File not found
O4 - HKU\S-1-5-18..\RunOnce: [iCloud] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Feed Notifier.lnk = C:\Program Files (x86)\Feed Notifier\notifier.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleNetIDList = 1
O7 - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NolowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: Translate this web page with Babylon - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8:64bit: - Extra context menu item: Translate with Babylon - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/Action.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Translate this web page with Babylon - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/Action.htm File not found
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{64044D7E-9B24-46AF-9C95-C70214869202}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{666EB138-89B9-4E3C-9459-E5202D906ADA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA8337B7-92C6-43AC-8D75-81041728570C}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\ProgramData\Zitenop\Flexity.dll) - C:\ProgramData\Zitenop\Flexity.dll ()
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\ProgramData\Zitenop\Lightfresh.dll) - C:\ProgramData\Zitenop\Lightfresh.dll ()
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{46ca87fe-3e96-11e1-bb0d-dc0ea173a626}\Shell - "" = AutoRun
O33 - MountPoints2\{46ca87fe-3e96-11e1-bb0d-dc0ea173a626}\Shell\AutoRun\command - "" = G:\AutoRunCD.exe
O33 - MountPoints2\{72347dc4-65c9-11e1-9ce7-e4d53ddb5633}\Shell - "" = AutoRun
O33 - MountPoints2\{72347dc4-65c9-11e1-9ce7-e4d53ddb5633}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.VP80 - vp8vfw.dll File not found
Drivers32: vidc.XVID - xvidvfw.dll File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 90 Days ==========
[2016.01.30 21:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[2016.01.29 22:31:53 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\35B51072-1454106713-E111-A818-DC0EA173A626
[2016.01.29 21:23:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2016.01.29 20:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2016.01.29 20:55:26 | 000,000,000 | ---D | C] -- C:\rsit
[2016.01.28 22:13:17 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\test\Desktop\FRSTLauncher.exe
[2016.01.28 22:11:22 | 000,000,000 | ---D | C] -- C:\FRST
[2016.01.28 22:11:06 | 002,370,560 | ---- | C] (Farbar) -- C:\Users\test\Desktop\FRST64.exe
[2016.01.16 21:59:53 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll
[2016.01.16 21:59:53 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll
[2016.01.16 21:59:53 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll
[2016.01.16 21:59:52 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe
[2016.01.16 21:59:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fixmapi.exe
[2016.01.16 21:59:39 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2016.01.16 21:59:38 | 000,624,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2016.01.16 21:59:37 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2016.01.16 21:59:32 | 001,307,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2adec.dll
[2016.01.16 21:59:31 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2016.01.16 21:59:31 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2016.01.16 21:59:30 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2016.01.16 21:59:30 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2adec.dll
[2016.01.16 21:59:29 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2016.01.16 21:59:29 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2016.01.16 21:59:29 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2016.01.16 21:59:29 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2016.01.16 21:59:28 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2016.01.16 21:59:28 | 000,829,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2016.01.16 21:59:27 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2016.01.16 21:59:27 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2016.01.16 21:59:27 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2016.01.16 21:59:26 | 001,153,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOE.DLL
[2016.01.16 21:59:26 | 001,010,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2016.01.16 21:59:26 | 000,815,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOE.DLL
[2016.01.16 21:59:25 | 001,955,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2016.01.16 21:59:25 | 001,573,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2016.01.16 21:59:25 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2016.01.16 21:59:25 | 000,632,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2016.01.16 21:59:24 | 001,568,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2016.01.16 21:59:24 | 000,740,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2016.01.16 21:59:24 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\COLORCNV.DLL
[2016.01.16 21:59:24 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COLORCNV.DLL
[2016.01.16 21:59:23 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOE.DLL
[2016.01.16 21:59:23 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2016.01.16 21:59:23 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
[2016.01.16 21:59:23 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2016.01.16 21:59:23 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2016.01.16 21:59:21 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFWMAAEC.DLL
[2016.01.16 21:59:21 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSENCD.DLL
[2016.01.16 21:59:21 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2016.01.16 21:59:21 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VIDRESZR.DLL
[2016.01.16 21:59:20 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devenum.dll
[2016.01.16 21:59:19 | 000,653,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2016.01.16 21:59:19 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFWMAAEC.DLL
[2016.01.16 21:59:19 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2016.01.16 21:59:19 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2016.01.16 21:59:19 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RESAMPLEDMO.DLL
[2016.01.16 21:59:19 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MPG4DECD.DLL
[2016.01.16 21:59:19 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP43DECD.DLL
[2016.01.16 21:59:19 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devenum.dll
[2016.01.16 21:59:18 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSENCD.DLL
[2016.01.16 21:59:18 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MPG4DECD.DLL
[2016.01.16 21:59:18 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP43DECD.DLL
[2016.01.16 21:59:18 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP3DMOD.DLL
[2016.01.16 21:59:17 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2016.01.16 21:59:17 | 001,325,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOE.DLL
[2016.01.16 21:59:17 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2016.01.16 21:59:17 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfvdsp.dll
[2016.01.16 21:59:16 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SysFxUI.dll
[2016.01.16 21:59:16 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2016.01.16 21:59:16 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2016.01.16 21:59:15 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2016.01.16 21:59:15 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2016.01.16 21:59:15 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RESAMPLEDMO.DLL
[2016.01.16 21:59:15 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2016.01.16 21:59:15 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VIDRESZR.DLL
[2016.01.16 21:59:14 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2016.01.16 21:59:14 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP3DMOD.DLL
[2016.01.16 21:59:14 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2016.01.16 21:59:14 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfvdsp.dll
[2016.01.16 21:59:14 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2016.01.16 21:59:13 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2016.01.16 21:59:13 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2016.01.16 21:59:13 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2016.01.16 21:59:12 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2016.01.16 21:59:12 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2016.01.16 21:59:11 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2016.01.16 21:59:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksuser.dll
[2016.01.16 21:59:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2016.01.16 21:59:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2016.01.16 21:58:52 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2016.01.16 21:58:51 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2016.01.16 21:58:51 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2016.01.16 21:58:51 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2016.01.16 21:58:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2016.01.16 21:58:51 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2016.01.16 21:58:50 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2016.01.16 21:58:49 | 000,718,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2016.01.16 21:58:49 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2016.01.16 21:58:49 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2016.01.16 21:58:49 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2016.01.16 21:58:46 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2016.01.16 21:58:46 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2016.01.16 21:58:46 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2016.01.16 21:58:46 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2016.01.16 21:58:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2016.01.16 21:58:45 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2016.01.16 21:58:45 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2016.01.16 21:58:45 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016.01.16 21:58:45 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2016.01.16 21:58:44 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2016.01.16 21:58:43 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2016.01.16 21:58:42 | 002,123,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2016.01.16 21:58:42 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2016.01.16 21:58:42 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2016.01.16 21:58:41 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2016.01.16 21:58:41 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2016.01.16 21:58:40 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2016.01.16 21:58:40 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2016.01.16 21:58:39 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2016.01.16 21:58:39 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2016.01.16 21:58:38 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2016.01.16 21:58:38 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2016.01.16 21:58:38 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2016.01.16 21:58:37 | 006,051,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2016.01.16 21:58:37 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2016.01.16 21:58:37 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2016.01.16 21:58:36 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2016.01.16 21:58:35 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2016.01.16 21:58:35 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2016.01.16 21:58:34 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2016.01.16 21:53:31 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2016.01.16 21:53:25 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2016.01.16 21:53:25 | 000,792,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2016.01.16 21:53:24 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2016.01.16 21:53:24 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2016.01.16 21:53:23 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2016.01.16 21:53:21 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2016.01.16 21:53:21 | 000,025,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2016.01.16 21:53:19 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2016.01.16 21:53:01 | 005,572,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2016.01.16 21:53:00 | 001,214,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2016.01.16 21:52:59 | 003,938,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2016.01.16 21:52:58 | 003,993,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2016.01.16 21:52:57 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2016.01.16 21:52:57 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2016.01.16 21:52:55 | 001,461,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2016.01.16 21:52:53 | 001,730,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2016.01.16 21:52:49 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2016.01.16 21:52:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2016.01.16 21:52:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2016.01.16 21:52:45 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2016.01.16 21:52:43 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2016.01.16 21:52:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2016.01.16 21:52:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2016.01.16 21:52:38 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2016.01.16 21:52:37 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2016.01.16 21:52:37 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2016.01.16 21:52:36 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2016.01.16 21:52:34 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2016.01.16 21:52:34 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2016.01.16 21:52:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2016.01.16 21:52:32 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2016.01.16 21:52:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2016.01.16 21:52:29 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2016.01.16 21:52:27 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2016.01.16 21:52:26 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2016.01.16 21:52:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2016.01.16 21:52:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2016.01.16 21:52:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2016.01.16 21:52:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2016.01.16 21:52:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2016.01.16 21:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2016.01.16 21:52:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2016.01.16 21:52:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2016.01.16 21:52:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2016.01.16 21:52:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2016.01.16 21:52:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2016.01.16 21:52:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2016.01.16 21:52:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2016.01.16 21:52:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2016.01.16 21:52:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016.01.16 21:52:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2016.01.16 21:52:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2016.01.16 21:52:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2016.01.16 21:52:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2016.01.16 21:52:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2016.01.16 21:52:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2016.01.16 21:52:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2016.01.16 21:52:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2016.01.16 21:52:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2016.01.16 21:52:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2016.01.16 21:52:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2016.01.16 21:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.16 21:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.16 21:52:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2016.01.16 21:52:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2016.01.16 21:52:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2016.01.16 21:52:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2016.01.16 21:52:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2016.01.16 21:52:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2016.01.16 21:52:15 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2016.01.16 21:52:15 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2016.01.16 21:52:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2016.01.16 21:52:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2016.01.16 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2016.01.16 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2016.01.16 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2016.01.16 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2016.01.16 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2016.01.16 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2016.01.16 21:52:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2016.01.16 21:52:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2016.01.16 21:52:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2016.01.16 21:52:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2016.01.16 21:52:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2016.01.16 21:52:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2016.01.16 21:52:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016.01.16 21:52:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2016.01.16 21:52:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2016.01.16 21:52:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2016.01.16 21:52:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2016.01.16 21:52:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2016.01.16 21:52:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2016.01.16 21:52:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2016.01.16 21:52:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2016.01.16 21:52:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2016.01.16 21:52:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2016.01.16 21:52:07 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2016.01.16 21:52:07 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2016.01.16 21:52:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2016.01.16 21:52:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2016.01.16 21:52:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2016.01.16 21:52:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2016.01.16 21:52:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2016.01.10 18:00:59 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\eCyber
[2016.01.09 21:08:19 | 000,000,000 | ---D | C] -- C:\Users\test\Desktop\Zima2016
[2016.01.08 23:14:01 | 000,000,000 | ---D | C] -- C:\Users\test\Desktop\Davídek_zima2016
[2016.01.08 23:12:17 | 000,000,000 | ---D | C] -- C:\Users\test\Desktop\Nová složka
[2016.01.04 20:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\dlohn
[2016.01.03 20:49:40 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
[2016.01.01 13:46:19 | 000,060,136 | ---- | C] (DotC United Inc) -- C:\Windows\SysNative\drivers\MPCKpt.sys
[2015.12.30 21:16:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log
[2015.12.30 21:16:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elex-tech
[2015.12.30 20:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ohnuzes
[2015.12.30 20:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ohnuze
[2015.12.29 19:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\6WdM6
[2015.12.28 20:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\HWdMH
[2015.12.27 22:53:00 | 001,382,240 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2015.12.27 22:53:00 | 000,873,464 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2015.12.27 22:53:00 | 000,158,704 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2015.12.27 22:53:00 | 000,075,544 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2015.12.27 22:52:58 | 001,121,864 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2015.12.27 22:52:58 | 000,961,848 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2015.12.27 22:52:58 | 000,749,000 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2015.12.27 22:52:56 | 002,997,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2015.12.27 22:52:56 | 002,893,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2015.12.27 22:52:54 | 000,343,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2015.12.27 22:52:53 | 003,271,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2015.12.27 22:52:53 | 000,195,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2015.12.27 22:52:53 | 000,023,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2015.12.27 22:52:52 | 000,689,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2015.12.27 22:52:52 | 000,387,320 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2015.12.27 22:52:52 | 000,214,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2015.12.27 22:52:52 | 000,110,984 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2015.12.27 22:52:52 | 000,088,352 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2015.12.27 22:52:49 | 001,351,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2015.12.27 22:52:48 | 000,321,720 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2015.12.27 22:52:47 | 000,321,720 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2015.12.27 22:52:46 | 002,965,120 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RltkAPO64.dll
[2015.12.27 22:52:44 | 002,028,664 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2015.12.27 22:52:38 | 003,278,408 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2015.12.27 22:52:36 | 001,601,944 | ---- | C] (Conexant Systems Inc.) -- C:\Windows\SysNative\CX64APO.dll
[2015.12.27 22:52:36 | 000,122,328 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2015.12.27 22:52:36 | 000,118,600 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2015.12.27 22:52:35 | 000,574,760 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2015.12.26 23:27:31 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015.12.26 22:20:11 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2015.12.26 14:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\3WdM3
[2015.12.25 22:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\gWdMg
[2015.12.23 21:05:00 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\kingsoft
[2015.12.23 15:54:45 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\PPTAssist
[2015.12.23 15:54:40 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\pptassist
[2015.12.23 15:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\kingsoft
[2015.12.23 15:52:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\baidu
[2015.12.14 20:43:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
[2015.12.14 20:43:04 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\WinZipper
[2015.12.14 20:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZipper
[2015.12.14 20:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\rWdMr
[2015.12.14 20:41:41 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Roaming\TSv
[2015.12.14 20:40:12 | 000,000,000 | ---D | C] -- C:\ProgramData\2WdM2
[2015.12.13 13:48:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Feed Notifier
[2015.12.12 23:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
[2015.12.12 23:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\simplitec
[2015.12.12 23:42:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\simplitec
[2015.12.12 23:41:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2015.12.12 23:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\7a44e8de-0f81-0
[2015.12.12 23:28:07 | 000,000,000 | ---D | C] -- C:\ProgramData\7a44e8de-0111-1
[2015.12.10 20:53:48 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\PlutoTV
[2015.12.09 22:02:11 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2015.12.09 22:02:10 | 000,709,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.12.09 22:02:09 | 003,170,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.12.09 22:02:09 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.12.09 22:02:09 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.12.09 22:02:09 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.12.09 22:02:09 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.12.09 22:02:09 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.12.09 22:02:09 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.12.09 22:02:09 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.12.09 22:02:09 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.12.09 22:02:08 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.12.09 22:02:08 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.12.09 22:02:08 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.12.09 22:02:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.12.09 22:02:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.12.09 22:02:01 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
[2015.12.09 22:02:01 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll
[2015.12.09 22:02:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdgeoqw.dll
[2015.12.09 22:02:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDAZEL.DLL
[2015.12.09 22:02:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDAZE.DLL
[2015.12.09 22:02:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDAZE.DLL
[2015.12.09 22:02:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdgeoqw.dll
[2015.12.09 22:02:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDAZEL.DLL
[2015.12.09 22:01:56 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2015.12.09 22:01:54 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2015.12.09 22:01:50 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2015.12.09 22:01:49 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshrm.dll
[2015.12.09 22:01:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshrm.dll
[2015.12.09 22:01:48 | 001,735,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2015.12.09 22:01:48 | 001,242,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2015.12.09 22:01:48 | 000,525,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\catsrvut.dll
[2015.12.09 22:01:48 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\catsrvut.dll
[2015.12.09 21:53:57 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\els.dll
[2015.12.09 21:53:55 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\els.dll
[2015.12.06 13:28:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015.12.05 15:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Tmp0x0x
[2015.12.04 23:10:12 | 011,531,536 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETwsw00.sys
[2015.12.04 23:09:36 | 000,458,960 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\k57nd60a.sys
[2015.12.02 21:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\nWMiniPron
[2015.12.02 21:14:24 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\35B51072-1449090864-E111-A818-DC0EA173A626
[2015.12.02 20:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Zitenops
[2015.12.02 20:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Zitenop
[2015.12.01 11:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
[2015.12.01 10:33:23 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\jnhtnwej.sys
[2015.11.30 23:06:51 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\35B51072-1448924811-E111-A818-DC0EA173A626
[2015.11.30 22:22:21 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\Camera Extension
[2015.11.30 22:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream
[2015.11.30 22:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\Dripkix
[2015.11.30 22:13:30 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626
[2015.11.30 22:12:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626
[2015.11.23 20:41:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Apps Toolbar
[2015.11.23 20:41:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2015.11.22 14:38:56 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\CEF
[2015.11.22 14:02:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2015.11.16 14:54:30 | 000,000,000 | ---D | C] -- C:\Users\test\AppData\Local\Viber
[2015.11.10 21:32:46 | 000,299,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2015.11.10 21:32:46 | 000,251,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcryptprimitives.dll
[2015.11.10 21:31:37 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2015.11.10 21:31:36 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdbinst.exe
[2015.11.10 21:31:36 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdbinst.exe
[2015.11.10 21:31:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimeng.dll
[2015.11.10 21:31:26 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2015.11.10 21:31:26 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2015.11.10 21:31:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jnwmon.dll
[7 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
========== Files - Modified Within 90 Days ==========
[2016.01.30 21:27:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016.01.30 21:17:18 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.01.30 21:17:18 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.01.30 21:15:13 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\PPTAssistantNotifyTask_test.job
[2016.01.30 21:12:23 | 000,000,596 | ---- | M] () -- C:\Windows\tasks\PPTAssistantUpdateTask_test.job
[2016.01.30 21:10:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016.01.30 21:06:45 | 000,677,826 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016.01.30 21:06:45 | 000,663,248 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016.01.30 21:06:45 | 000,146,712 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016.01.30 21:06:45 | 000,126,378 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016.01.30 21:06:44 | 001,611,912 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016.01.30 21:02:07 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016.01.30 21:02:05 | 000,000,722 | ---- | M] () -- C:\Users\Public\Desktop\MPC Cleaner.lnk
[2016.01.30 21:02:04 | 000,000,534 | ---- | M] () -- C:\Windows\tasks\Datová skartovačka - $RECYCLER .job
[2016.01.30 20:58:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.01.30 20:58:48 | 3177,074,688 | -HS- | M] () -- C:\hiberfil.sys
[2016.01.29 20:55:00 | 001,222,144 | ---- | M] () -- C:\Users\test\Desktop\RSITx64.exe
[2016.01.28 22:13:20 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\test\Desktop\FRSTLauncher.exe
[2016.01.28 22:09:50 | 002,370,560 | ---- | M] (Farbar) -- C:\Users\test\Desktop\FRST64.exe
[2016.01.27 20:58:52 | 000,060,136 | ---- | M] (DotC United Inc) -- C:\Windows\SysNative\drivers\MPCKpt.sys
[2016.01.20 18:43:32 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000Core.job
[2016.01.17 19:57:13 | 000,409,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2016.01.16 20:45:56 | 000,000,401 | ---- | M] () -- C:\Windows\SysNative\Internet.lnk
[2016.01.06 11:57:22 | 001,475,392 | ---- | M] () -- C:\Users\test\Desktop\IMG_2304.JPG
[2016.01.01 20:42:26 | 000,000,401 | ---- | M] () -- C:\Users\test\Desktop\Internet.lnk
[2015.12.31 20:45:29 | 000,000,017 | ---- | M] () -- C:\Windows\SysWow64\history.dat
[2015.12.30 20:08:35 | 005,572,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015.12.30 20:05:33 | 001,730,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015.12.30 20:02:28 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015.12.30 20:02:28 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015.12.30 20:02:28 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015.12.30 20:02:17 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015.12.30 20:01:56 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.12.30 20:01:56 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.12.30 20:01:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015.12.30 20:01:55 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015.12.30 20:01:14 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.12.30 20:01:10 | 001,214,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015.12.30 20:00:23 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015.12.30 19:59:11 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.12.30 19:59:02 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.12.30 19:58:31 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.12.30 19:58:00 | 001,461,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.12.30 19:57:55 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015.12.30 19:57:55 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015.12.30 19:55:46 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015.12.30 19:55:45 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015.12.30 19:54:58 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015.12.30 19:54:58 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015.12.30 19:54:58 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015.12.30 19:54:58 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015.12.30 19:54:58 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015.12.30 19:54:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.12.30 19:54:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015.12.30 19:54:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015.12.30 19:54:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015.12.30 19:54:57 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.12.30 19:47:23 | 003,993,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015.12.30 19:47:23 | 003,938,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015.12.30 19:41:32 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015.12.30 19:39:32 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.12.30 19:39:17 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.12.30 19:37:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015.12.30 19:37:35 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.12.30 19:37:35 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015.12.30 19:37:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015.12.30 19:37:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.12.30 19:37:34 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015.12.30 19:37:34 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015.12.30 19:37:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015.12.30 19:37:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015.12.30 19:37:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015.12.30 19:37:30 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.12.30 18:57:51 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.12.30 18:50:50 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015.12.30 18:49:09 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015.12.30 18:44:49 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.12.30 18:41:00 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015.12.30 18:32:54 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015.12.30 18:32:53 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015.12.30 18:32:52 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015.12.30 18:32:51 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015.12.30 18:30:40 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015.12.30 18:30:40 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015.12.30 18:30:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015.12.30 18:30:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015.12.29 19:15:41 | 000,000,074 | ---- | M] () -- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[2015.12.27 22:53:00 | 001,382,240 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2015.12.27 22:53:00 | 000,873,464 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2015.12.27 22:53:00 | 000,158,704 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2015.12.27 22:53:00 | 000,075,544 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2015.12.27 22:52:58 | 001,121,864 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2015.12.27 22:52:58 | 000,961,848 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2015.12.27 22:52:58 | 000,749,000 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2015.12.27 22:52:56 | 002,997,504 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2015.12.27 22:52:56 | 002,893,568 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2015.12.27 22:52:54 | 000,343,712 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2015.12.27 22:52:53 | 003,271,912 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2015.12.27 22:52:53 | 000,387,320 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2015.12.27 22:52:53 | 000,195,192 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2015.12.27 22:52:53 | 000,023,704 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2015.12.27 22:52:52 | 000,689,888 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2015.12.27 22:52:52 | 000,214,840 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2015.12.27 22:52:52 | 000,110,984 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2015.12.27 22:52:52 | 000,088,352 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2015.12.27 22:52:50 | 001,351,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2015.12.27 22:52:49 | 004,005,405 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2015.12.27 22:52:49 | 000,321,720 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2015.12.27 22:52:48 | 000,321,720 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2015.12.27 22:52:47 | 002,965,120 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RltkAPO64.dll
[2015.12.27 22:52:44 | 002,028,664 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2015.12.27 22:52:38 | 003,278,408 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2015.12.27 22:52:36 | 001,601,944 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\SysNative\CX64APO.dll
[2015.12.27 22:52:36 | 000,574,760 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2015.12.27 22:52:36 | 000,122,328 | ---- | M] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2015.12.27 22:52:36 | 000,118,600 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2015.12.26 23:26:38 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015.12.18 21:48:06 | 001,587,562 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015.12.15 21:29:09 | 000,024,405 | ---- | M] () -- C:\Users\test\Desktop\Cenik_TP_OA+NA+TK_-201526.pdf
[2015.12.14 21:21:10 | 002,986,442 | ---- | M] () -- C:\Users\test\Desktop\ústavko - zápočtový test II.zip
[2015.12.14 21:20:42 | 002,986,442 | ---- | M] () -- C:\Users\test\Desktop\ústavko - zápočtový test.zip
[2015.12.13 13:50:16 | 000,001,075 | ---- | M] () -- C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Feed Notifier.lnk
[2015.12.12 23:43:06 | 000,001,294 | ---- | M] () -- C:\Users\Public\Desktop\KMPFaster.lnk
[2015.12.12 23:41:01 | 000,000,697 | ---- | M] () -- C:\Users\test\Desktop\KMPlayer.lnk
[2015.12.12 19:30:59 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.12.12 19:16:29 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.12.12 19:15:46 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.12.12 19:15:40 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015.12.12 19:15:09 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.12.12 19:14:59 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.12.12 19:07:27 | 006,051,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.12.12 19:07:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.12.12 19:03:49 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.12.12 19:02:40 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015.12.12 19:02:34 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.12.12 19:02:34 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.12.12 19:02:19 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.12.12 18:55:26 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.12.12 18:51:44 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.12.12 18:44:06 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.12.12 18:40:39 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.12.12 18:39:41 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.12.12 18:37:41 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.12.12 18:37:18 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.12.12 18:37:05 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.12.12 18:36:57 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015.12.12 18:36:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.12.12 18:35:43 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2015.12.12 18:30:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.12.12 18:28:38 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.12.12 18:27:24 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.12.12 18:27:22 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015.12.12 18:27:04 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.12.12 18:23:11 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.12.12 18:22:58 | 000,718,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.12.12 18:21:12 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.12.12 18:20:50 | 002,123,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.12.12 18:14:57 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.12.12 18:12:17 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.12.12 18:10:58 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.12.12 18:08:59 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2015.12.12 18:00:20 | 002,050,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.12.12 18:00:09 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.12.12 17:42:36 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.12.12 17:36:53 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.12.11 23:33:26 | 001,787,189 | ---- | M] () -- C:\Users\test\Desktop\CLS.jpeg
[2015.12.11 19:57:53 | 001,164,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.12.10 20:54:30 | 000,000,013 | ---- | M] () -- C:\Users\test\.pluto.tv
[2015.12.08 22:54:13 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2015.12.08 22:54:13 | 001,568,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2015.12.08 22:54:13 | 001,325,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOE.DLL
[2015.12.08 22:54:13 | 000,902,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2015.12.08 22:54:13 | 000,815,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOE.DLL
[2015.12.08 22:54:13 | 000,740,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2015.12.08 22:54:13 | 000,739,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2015.12.08 22:54:13 | 000,665,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
[2015.12.08 22:54:13 | 000,541,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2015.12.08 22:54:13 | 000,358,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSENCD.DLL
[2015.12.08 22:54:04 | 002,285,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2015.12.08 22:54:00 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\VIDRESZR.DLL
[2015.12.08 22:53:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RESAMPLEDMO.DLL
[2015.12.08 22:53:54 | 001,329,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2015.12.08 22:53:54 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2015.12.08 22:53:54 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2015.12.08 22:53:54 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2015.12.08 22:53:50 | 000,970,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2adec.dll
[2015.12.08 22:53:50 | 000,829,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2015.12.08 22:53:49 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MPG4DECD.DLL
[2015.12.08 22:53:48 | 000,415,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2015.12.08 22:53:48 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MP43DECD.DLL
[2015.12.08 22:53:48 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MP3DMOD.DLL
[2015.12.08 22:53:47 | 003,209,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2015.12.08 22:53:47 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MFWMAAEC.DLL
[2015.12.08 22:53:47 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2015.12.08 22:53:47 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2015.12.08 22:53:47 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfvdsp.dll
[2015.12.08 22:53:44 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2015.12.08 22:53:41 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\devenum.dll
[2015.12.08 22:53:40 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\COLORCNV.DLL
[2015.12.08 22:53:25 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2015.12.08 22:53:19 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2015.12.08 22:53:08 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2015.12.08 22:50:41 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2015.12.08 20:07:52 | 001,955,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2015.12.08 20:07:52 | 001,888,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2015.12.08 20:07:52 | 001,575,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOE.DLL
[2015.12.08 20:07:52 | 001,393,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMALFXGFXDSP.dll
[2015.12.08 20:07:52 | 001,232,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2015.12.08 20:07:52 | 001,153,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOE.DLL
[2015.12.08 20:07:52 | 001,026,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2015.12.08 20:07:52 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2015.12.08 20:07:52 | 000,666,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2015.12.08 20:07:52 | 000,642,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2015.12.08 20:07:52 | 000,447,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSENCD.DLL
[2015.12.08 20:07:46 | 002,777,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2015.12.08 20:07:44 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\VIDRESZR.DLL
[2015.12.08 20:07:42 | 000,378,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SysFxUI.dll
[2015.12.08 20:07:39 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RESAMPLEDMO.DLL
[2015.12.08 20:07:36 | 001,573,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2015.12.08 20:07:36 | 000,624,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2015.12.08 20:07:36 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2015.12.08 20:07:36 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2015.12.08 20:07:33 | 001,307,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2adec.dll
[2015.12.08 20:07:33 | 001,160,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2015.12.08 20:07:32 | 004,121,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2015.12.08 20:07:32 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2015.12.08 20:07:32 | 000,653,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2015.12.08 20:07:32 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MFWMAAEC.DLL
[2015.12.08 20:07:32 | 000,432,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2015.12.08 20:07:32 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MPG4DECD.DLL
[2015.12.08 20:07:32 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MP43DECD.DLL
[2015.12.08 20:07:32 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2015.12.08 20:07:32 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MP3DMOD.DLL
[2015.12.08 20:07:32 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfvdsp.dll
[2015.12.08 20:07:31 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ksuser.dll
[2015.12.08 20:07:28 | 000,632,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2015.12.08 20:07:28 | 000,405,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015.12.08 20:07:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\COLORCNV.DLL
[2015.12.08 20:07:25 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devenum.dll
[2015.12.08 20:07:23 | 000,879,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2015.12.08 20:07:07 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2015.12.08 20:06:59 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2015.12.08 20:06:44 | 000,250,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2015.12.08 20:04:27 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2015.12.08 19:54:36 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2015.12.08 19:12:08 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2015.12.06 14:07:24 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.12.06 13:50:24 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.12.06 13:50:24 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.12.05 21:07:47 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.12.04 23:10:12 | 011,531,536 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETwsw00.sys
[2015.12.04 23:09:36 | 000,458,960 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\k57nd60a.sys
[2015.12.01 10:33:25 | 000,055,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\jnhtnwej.sys
[2015.11.30 22:35:22 | 000,000,476 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015.11.30 18:15:28 | 000,000,000 | -H-- | M] () -- C:\asc_rdflag
[2015.11.28 18:33:45 | 000,393,153 | ---- | M] () -- C:\Users\test\Desktop\Zák. o PČR.pdf
[2015.11.28 00:04:19 | 000,092,415 | ---- | M] () -- C:\Users\test\Desktop\čs.pdf
[2015.11.22 22:16:38 | 000,210,571 | ---- | M] () -- C:\Users\test\Desktop\Daňové přiznání_zápočet.PDF
[2015.11.22 14:02:33 | 000,002,048 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2015.11.20 19:54:59 | 003,170,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.11.20 19:54:59 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.11.20 19:54:59 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.11.20 19:54:59 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.11.20 19:54:59 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.11.20 19:54:58 | 000,709,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.11.20 19:54:28 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.11.20 19:54:18 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.11.20 19:54:15 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.11.20 19:54:15 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.11.20 19:34:36 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.11.20 19:34:36 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.11.20 19:34:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.11.20 19:34:35 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.11.20 19:33:56 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.11.17 02:11:57 | 000,025,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015.11.17 02:08:25 | 000,705,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.11.17 02:08:23 | 000,792,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.11.17 02:08:20 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.11.17 02:08:18 | 001,381,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.11.17 02:08:18 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.11.16 21:17:46 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015.11.14 00:09:16 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll
[2015.11.14 00:09:16 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll
[2015.11.14 00:08:28 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe
[2015.11.13 23:50:01 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll
[2015.11.13 23:49:15 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fixmapi.exe
[2015.11.13 20:59:54 | 000,048,914 | ---- | M] () -- C:\Users\test\Desktop\Já_old school.jpg
[2015.11.11 19:53:48 | 001,735,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2015.11.11 19:53:47 | 000,525,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\catsrvut.dll
[2015.11.11 19:39:34 | 001,242,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2015.11.11 19:39:33 | 000,487,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\catsrvut.dll
[2015.11.10 19:55:29 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2015.11.10 19:55:26 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2015.11.05 20:05:04 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wshrm.dll
[2015.11.05 20:02:52 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wshrm.dll
[2015.11.05 10:53:59 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2015.11.03 20:04:51 | 000,802,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2015.11.03 20:04:37 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\els.dll
[2015.11.03 19:55:58 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\els.dll
[2015.11.02 11:28:48 | 000,000,383 | ---- | M] () -- C:\ftconfig.ini
[7 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016.01.30 21:27:42 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016.01.29 20:54:53 | 001,222,144 | ---- | C] () -- C:\Users\test\Desktop\RSITx64.exe
[2016.01.10 20:54:45 | 000,000,722 | ---- | C] () -- C:\Users\Public\Desktop\MPC Cleaner.lnk
[2016.01.09 21:10:17 | 001,475,392 | ---- | C] () -- C:\Users\test\Desktop\IMG_2304.JPG
[2016.01.01 20:42:26 | 000,000,401 | ---- | C] () -- C:\Users\test\Desktop\Internet.lnk
[2015.12.28 20:56:05 | 000,844,815 | ---- | C] () -- C:\Users\test\Desktop\PSD kurz.jpg
[2015.12.28 20:52:39 | 000,212,665 | ---- | C] () -- C:\Users\test\Desktop\Střelnice.jpg
[2015.12.27 22:52:49 | 004,005,405 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2015.12.26 21:35:50 | 000,000,401 | ---- | C] () -- C:\Windows\SysNative\Internet.lnk
[2015.12.23 15:54:53 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\PPTAssistantNotifyTask_test.job
[2015.12.23 15:54:50 | 000,000,596 | ---- | C] () -- C:\Windows\tasks\PPTAssistantUpdateTask_test.job
[2015.12.18 20:27:58 | 000,036,592 | ---- | C] () -- C:\Users\test\Desktop\4
[2015.12.15 21:29:06 | 000,024,405 | ---- | C] () -- C:\Users\test\Desktop\Cenik_TP_OA+NA+TK_-201526.pdf
[2015.12.14 21:21:10 | 002,986,442 | ---- | C] () -- C:\Users\test\Desktop\ústavko - zápočtový test II.zip
[2015.12.14 21:20:41 | 002,986,442 | ---- | C] () -- C:\Users\test\Desktop\ústavko - zápočtový test.zip
[2015.12.13 13:50:16 | 000,001,075 | ---- | C] () -- C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Feed Notifier.lnk
[2015.12.12 23:43:06 | 000,001,294 | ---- | C] () -- C:\Users\Public\Desktop\KMPFaster.lnk
[2015.12.12 23:42:42 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2015.12.12 23:41:01 | 000,000,697 | ---- | C] () -- C:\Users\test\Desktop\KMPlayer.lnk
[2015.12.11 23:34:10 | 001,787,189 | ---- | C] () -- C:\Users\test\Desktop\CLS.jpeg
[2015.12.10 20:54:30 | 000,000,013 | ---- | C] () -- C:\Users\test\.pluto.tv
[2015.12.06 13:56:21 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\history.dat
[2015.12.06 01:50:01 | 005,693,162 | ---- | C] () -- C:\Users\test\Desktop\Výcvik.jpg
[2015.12.05 21:07:47 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.12.02 21:50:38 | 000,000,074 | ---- | C] () -- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[2015.11.30 22:35:22 | 000,000,476 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015.11.30 18:15:28 | 000,000,000 | -H-- | C] () -- C:\asc_rdflag
[2015.11.28 18:33:44 | 000,393,153 | ---- | C] () -- C:\Users\test\Desktop\Zák. o PČR.pdf
[2015.11.28 00:04:19 | 000,092,415 | ---- | C] () -- C:\Users\test\Desktop\čs.pdf
[2015.11.22 22:16:33 | 000,210,571 | ---- | C] () -- C:\Users\test\Desktop\Daňové přiznání_zápočet.PDF
[2015.11.22 14:02:33 | 000,002,048 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2015.11.22 14:02:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015.11.14 00:20:03 | 000,261,142 | ---- | C] () -- C:\Users\test\Desktop\Já_ZOP.jpg
[2015.11.13 20:59:53 | 000,048,914 | ---- | C] () -- C:\Users\test\Desktop\Já_old school.jpg
[2015.11.02 11:28:48 | 000,000,383 | ---- | C] () -- C:\ftconfig.ini
[2015.07.29 22:05:17 | 037,748,880 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2014.11.30 22:21:28 | 000,001,822 | ---- | C] () -- C:\Windows\vm331Rmv.ini
[2014.11.30 22:21:28 | 000,001,822 | ---- | C] () -- C:\Windows\SysWow64\vm331Rmv.ini
[2012.03.20 23:26:52 | 000,000,017 | ---- | C] () -- C:\Users\test\AppData\Local\resmon.resmoncfg
[2012.01.15 19:42:15 | 000,000,092 | ---- | C] () -- C:\Users\test\AppData\Local\fusioncache.dat
[2012.01.14 13:45:24 | 000,008,192 | ---- | C] () -- C:\Users\test\AppData\Roaming\records_db
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.08.06 19:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.08.06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014.12.10 21:40:42 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\AVG
[2013.09.18 21:35:37 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Babylon
[2012.01.14 15:52:22 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Canneverbe Limited
[2013.04.29 18:57:13 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Canon
[2016.01.10 18:00:59 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\eCyber
[2012.02.26 20:38:22 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\ESET
[2012.07.07 12:54:19 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Fighters
[2012.01.24 22:02:26 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\GHISLER
[2013.01.29 21:50:29 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Inv Softworks
[2015.12.01 11:39:38 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\IObit
[2015.12.23 21:05:35 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\kingsoft
[2012.07.09 20:52:28 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Nokia
[2015.12.10 20:49:58 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\OpenCandy
[2015.12.18 18:00:17 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Opera Software
[2012.01.15 09:16:14 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\PC Suite
[2015.12.23 15:55:36 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\pptassist
[2015.11.05 21:03:35 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\ProductData
[2014.12.10 21:36:09 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\RHEng
[2014.06.13 19:44:31 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\SanDisk
[2013.09.19 17:42:42 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\SanDisk SecureAccess
[2016.01.16 23:44:02 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Seznam Browser
[2014.11.30 16:39:53 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\SketchUp
[2014.04.06 16:28:19 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\systweak
[2015.12.14 20:42:10 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\TSv
[2016.01.30 21:02:52 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\ViberPC
[2012.03.20 21:30:37 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\wargaming.net
[2015.12.30 21:14:24 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\WinZipper
[2012.04.02 10:46:29 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,568 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.04.13 19:49:10 | 000,000,956 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000Core.job
[2012.04.13 19:49:11 | 000,000,978 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000UA.job
[2012.11.06 10:53:26 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.01.30 23:01:44 | 000,000,534 | ---- | C] () -- C:\Windows\Tasks\Datová skartovačka - $RECYCLER .job
[2013.05.17 18:53:17 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.17 18:53:18 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015.12.23 15:54:50 | 000,000,596 | ---- | C] () -- C:\Windows\Tasks\PPTAssistantUpdateTask_test.job
[2015.12.23 15:54:53 | 000,000,326 | ---- | C] () -- C:\Windows\Tasks\PPTAssistantNotifyTask_test.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015.04.11 05:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015.04.13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015.04.13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.11.26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
< >
< %systemroot%*.* /U /s >
[53 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[72 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\357c8435a7f80800732a3f695f44b143\*.tmp files -> C:\Windows\SoftwareDistribution\Download\357c8435a7f80800732a3f695f44b143\*.tmp -> ]
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[5 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[10 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.01.14 12:08:19 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Adobe
[2013.10.21 18:44:55 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Apple Computer
[2014.12.10 21:40:42 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\AVG
[2013.09.18 21:35:37 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Babylon
[2012.01.14 15:52:22 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Canneverbe Limited
[2013.04.29 18:57:13 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Canon
[2013.01.12 07:39:08 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\dvdcss
[2016.01.10 18:00:59 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\eCyber
[2012.02.26 20:38:22 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\ESET
[2012.07.07 12:54:19 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Fighters
[2012.01.24 22:02:26 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\GHISLER
[2012.01.14 16:52:13 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Identities
[2012.01.14 17:22:14 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\InstallShield
[2012.01.14 11:35:50 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Intel
[2013.01.29 21:50:29 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Inv Softworks
[2015.12.01 11:39:38 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\IObit
[2015.12.23 21:05:35 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\kingsoft
[2012.01.14 11:14:29 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Macromedia
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Media Center Programs
[2015.08.11 20:48:40 | 000,000,000 | --SD | M] -- C:\Users\test\AppData\Roaming\Microsoft
[2015.12.03 22:35:53 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Mozilla
[2012.07.09 20:52:28 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Nokia
[2015.12.10 20:49:58 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\OpenCandy
[2015.12.18 18:00:17 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Opera Software
[2012.01.15 09:16:14 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\PC Suite
[2015.12.23 15:55:36 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\pptassist
[2015.11.05 21:03:35 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\ProductData
[2014.12.10 21:36:09 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\RHEng
[2014.06.13 19:44:31 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\SanDisk
[2013.09.19 17:42:42 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\SanDisk SecureAccess
[2012.01.15 08:43:50 | 000,000,000 | RH-D | M] -- C:\Users\test\AppData\Roaming\SecuROM
[2016.01.16 23:44:02 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Seznam Browser
[2014.11.30 16:39:53 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\SketchUp
[2015.04.24 20:39:25 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Skype
[2014.04.06 16:28:19 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\systweak
[2015.12.14 20:42:10 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\TSv
[2016.01.30 21:02:52 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\ViberPC
[2015.03.10 21:41:22 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Vidalia
[2013.01.19 17:32:38 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\vlc
[2012.03.20 21:30:37 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\wargaming.net
[2012.01.23 22:55:28 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\WinRAR
[2015.12.30 21:14:24 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\WinZipper
[2012.04.02 10:46:29 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2014.11.30 22:10:05 | 000,777,504 | ---- | M] () -- C:\Users\test\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
[2014.11.30 22:09:32 | 002,197,280 | ---- | M] (IObit) -- C:\Users\test\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe
[2015.12.25 13:05:13 | 000,098,664 | ---- | M] (Zhuhai Kingsoft Office Software Co.,Ltd) -- C:\Users\test\AppData\Roaming\kingsoft\pptassist\update\down\fileconn.exe
[2015.12.23 21:05:20 | 000,744,312 | ---- | M] () -- C:\Users\test\AppData\Roaming\kingsoft\pptassist\update\down\ktpcntrstp1.exe
[2015.08.11 20:48:40 | 000,119,808 | R--- | M] () -- C:\Users\test\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
[2015.11.30 22:18:44 | 000,316,192 | ---- | M] () -- C:\Users\test\AppData\Roaming\OpenCandy\18E5C91826A54A20BA3E880A9262467B\setup.exe
[2013.09.18 21:36:54 | 000,914,400 | ---- | M] () -- C:\Users\test\AppData\Roaming\OpenCandy\5299BA8CFCCC4DAABE9ABD4B9E70BEB0\PasswordBoxCHSTORE_p1v0.exe
[2013.09.20 14:57:47 | 000,914,400 | ---- | M] () -- C:\Users\test\AppData\Roaming\OpenCandy\761C38E6E98245568CA59F1F755014F4\PasswordBoxCHSTORE_p1v0.exe
[2013.01.29 03:33:10 | 032,682,184 | ---- | M] (SweetLabs,Inc.) -- C:\Users\test\AppData\Roaming\OpenCandy\98BB92F0F51F45BEB7D7CD269C74D982\version51030bc4470a0.exe
[2015.12.10 20:52:49 | 072,500,800 | ---- | M] (Pluto TV ) -- C:\Users\test\AppData\Roaming\OpenCandy\A1933B7FF7C84BF4A20F793635560AEB\PlutoTVSetup0910.exe
[2016.01.20 19:01:20 | 000,576,872 | ---- | M] (珠海金山办公软件有限公司) -- C:\Users\test\AppData\Roaming\pptassist\update\down\tbdtip1.exe
[2014.12.10 21:38:08 | 048,113,464 | ---- | M] (AVG Technologies) -- C:\Users\test\AppData\Roaming\RHEng\71420DF166904D6AA7EA4D53EFA12922\AVG-PC-TuneUp2015_CS_2200604.exe
[2014.12.10 21:43:25 | 000,683,104 | ---- | M] (Opera Software) -- C:\Users\test\AppData\Roaming\RHEng\7ADB81964F9442E5AB79E132191EFA3C\Opera_NI_stable.exe
[2012.02.14 08:39:36 | 030,705,792 | ---- | M] (Gemalto N.V.) -- C:\Users\test\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
[2015.01.20 10:22:10 | 001,490,944 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\ImportFavs.exe
[2015.01.28 11:55:26 | 004,777,984 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\nwsnapshot.exe
[2015.09.30 18:00:20 | 000,057,024 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\restart.exe
[2015.12.15 13:50:36 | 000,040,120 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\restartBack.exe
[2016.01.13 15:01:36 | 046,373,056 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\Seznam.cz.exe
[2015.10.22 20:23:46 | 000,116,219 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\uninstall.exe
[2015.06.18 15:48:04 | 000,167,936 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\unzip.exe
[2015.12.07 14:31:14 | 000,245,248 | ---- | M] (Paralint.com) -- C:\Users\test\AppData\Roaming\Seznam Browser\node_modules\node-notifier\vendor\notifu\notifu.exe
[2015.12.07 14:31:14 | 000,323,584 | ---- | M] (Paralint.com) -- C:\Users\test\AppData\Roaming\Seznam Browser\node_modules\node-notifier\vendor\notifu\notifu64.exe
[2015.12.07 14:31:14 | 000,014,848 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\node_modules\node-notifier\vendor\toaster\toast.exe
[2015.12.08 09:05:54 | 000,580,752 | ---- | M] (tsvr.com) -- C:\Users\test\AppData\Roaming\TSv\TSvr.exe
[2015.12.30 21:14:29 | 000,432,128 | ---- | M] (equal max) -- C:\Users\test\AppData\Roaming\WinZipper\update\zip_update_v1.5.132.exe
[2016.01.20 19:18:09 | 002,921,072 | ---- | M] () -- C:\Users\test\AppData\Roaming\WinZipper\update\zip_update_v1.5.137.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2015.12.06 14:07:24 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2016.01.30 21:02:04 | 000,000,534 | ---- | M] () -- C:\Windows\Tasks\Datová skartovačka - $RECYCLER .job
[2016.01.20 18:43:32 | 000,000,956 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000Core.job
[2015.02.09 19:34:20 | 000,000,978 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000UA.job
[2016.01.30 21:02:07 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2016.01.30 22:10:04 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2016.01.30 22:15:02 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\PPTAssistantNotifyTask_test.job
[2016.01.30 22:12:40 | 000,000,596 | ---- | M] () -- C:\Windows\Tasks\PPTAssistantUpdateTask_test.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"GoogleChromeAutoLaunch_1B0E81B795B08FCFC87354BB5741BA8D" = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window -- [2016.01.12 17:36:02 | 000,748,360 | ---- | M] (Google Inc.)
"apphide" = C:\Program Files (x86)\baidu\ppt.exe -- [2015.10.21 22:09:34 | 000,081,920 | -H-- | M] ()
"Viber" = "C:\Users\test\AppData\Local\Viber\Viber.exe" StartMinimized -- [2015.11.09 11:26:08 | 051,657,424 | ---- | M] ()
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2015.11.16 17:54:04 | 008,591,272 | ---- | M] (Piriform Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015.12.23 23:52:08 | 000,815,304 | ---- | M] (Microsoft Corporation) MD5=0E5C2FBD4CF9CB08DCDA586247195FF2 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2016.01.12 17:36:02 | 000,748,360 | ---- | M] (Google Inc.) MD5=23294E80AF6A4C653522D12A391933A1 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2016.01.30 21:27:42 | 000,000,512 | ---- | M] () MD5=B04F9F998A9F71EDAED5DCC5481DAA97 -- C:\PhysicalMBR.bin
[3 C:\*.tmp files -> C:\*.tmp -> ]
< >
< *crack* /s >
[2014.02.05 18:41:19 | 000,213,184 | ---- | M] () -- \Hry\World_of_Tanks\res\audio\objects_ice_crack.fsb
< *keygen* /s >
< *loader* /s >
[2015.05.15 15:27:10 | 000,060,712 | ---- | M] () -- \Common Files\Apple\Apple Application Support\YSLoader.exe
[2015.04.26 13:02:04 | 000,043,816 | ---- | M] () -- \Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
[2015.04.26 13:02:04 | 001,505,576 | ---- | M] () -- \Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader_main.dll
[2014.09.03 00:27:24 | 000,268,432 | ---- | M] () -- \Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2014.09.03 00:27:24 | 000,019,096 | ---- | M] () -- \Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2015.07.24 05:22:02 | 001,176,720 | ---- | M] () -- \GFExperience\ExtensionLoader.dll
[2013.01.09 18:20:26 | 000,071,208 | ---- | M] () -- \Hry\World_of_Tanks\PhysXLoader.dll
[2015.11.11 16:13:56 | 000,009,971 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\app_loader\loader.pyc
[2015.11.11 16:13:56 | 000,001,512 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2015.11.11 16:13:56 | 000,002,209 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2015.11.11 16:13:56 | 000,007,130 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2015.11.11 16:13:56 | 000,003,955 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2015.11.11 16:13:56 | 000,002,753 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2015.11.11 16:13:59 | 000,001,519 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2015.11.11 16:13:59 | 000,006,157 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2015.11.11 16:14:00 | 000,011,861 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\shared\remotedatadownloader.pyc
[2015.11.11 16:14:00 | 000,003,419 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2015.11.11 16:14:02 | 000,011,524 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2015.11.11 16:07:35 | 000,011,336 | ---- | M] () -- \Hry\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2015.11.11 16:07:35 | 000,049,402 | ---- | M] () -- \Hry\World_of_Tanks\res_bw\scripts\common\lib\unittest\test\test_loader.pyc
[2013.08.15 21:27:46 | 000,010,773 | ---- | M] () -- \IObit\Advanced SystemCare 6\Downloader.log
[2015.04.08 15:33:08 | 002,163,488 | ---- | M] () -- \IObit\Advanced SystemCare 8\ActionCenterDownloader.exe
[2015.06.23 13:41:58 | 002,193,728 | ---- | M] () -- \IObit\Driver Booster\IObitDownloader.exe
[2015.07.06 14:31:20 | 002,193,728 | ---- | M] () -- \IObit\Driver Booster\Freeware\IObitDownloader.exe
[2015.01.09 17:46:14 | 002,157,344 | ---- | M] () -- \IObit\IObit Malware Fighter\IMF_ActionCenterDownloader.exe
[2015.01.19 21:04:52 | 002,158,880 | ---- | M] () -- \IObit\IObit Uninstaller\Downloader.exe
[2015.01.14 19:51:39 | 002,156,832 | ---- | M] () -- \IObit\IObit Uninstaller\IObitDownloader.exe
[2015.01.16 16:19:22 | 002,161,440 | ---- | M] () -- \IObit\Smart Defrag 4\ActionCenterDownloader.exe
[2015.01.19 16:23:36 | 002,161,440 | ---- | M] () -- \IObit\Smart Defrag 4\Freeware\SD_FreeSoftwareDownloader.exe
[2015.07.24 05:22:13 | 000,916,112 | ---- | M] () -- \NVI2\NVDownloader.dll
[2015.07.24 05:21:16 | 000,028,430 | ---- | M] () -- \NVI2\NVI2DownloaderExt.CFG
[2015.07.24 05:22:13 | 000,828,048 | ---- | M] () -- \NVI2\NVI2DownloaderExt.DLL
[2015.07.24 05:22:02 | 001,176,720 | ---- | M] () -- \NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2015.07.25 00:28:36 | 000,057,592 | ---- | M] () -- \NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2015.07.25 00:28:36 | 000,065,784 | ---- | M] () -- \NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2015.07.25 00:28:36 | 000,073,976 | ---- | M] () -- \NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2015.07.25 00:28:36 | 000,090,872 | ---- | M] () -- \NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2015.07.25 00:28:36 | 000,057,592 | ---- | M] () -- \PhysX\files\Common\PhysXLoader.dll
[2015.07.25 00:28:36 | 000,065,784 | ---- | M] () -- \PhysX\files\Common\PhysXLoader64.dll
[2015.07.25 00:28:36 | 000,073,976 | ---- | M] () -- \PhysX\files\Common\PhysXUpdateLoader.dll
[2015.07.25 00:28:36 | 000,090,872 | ---- | M] () -- \PhysX\files\Common\PhysXUpdateLoader64.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.10 21:46:23 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.05 20:35:55 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_68c745e9927b4528\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.06.07 21:11:44 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_68a6d625929398fb\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:28:21 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.05 20:35:54 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_693ce850aba95016\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.06.07 21:11:43 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_691e7920abbfd697\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.12 20:39:18 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.03.12 20:39:18 | 000,033,208 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winload.efi.mui_35ee487d
[2015.03.12 20:39:18 | 000,034,752 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winload.exe.mui_3bc5b827
[2015.03.12 20:39:18 | 000,029,624 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winresume.efi.mui_f412814e
[2015.03.12 20:39:18 | 000,030,136 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winresume.exe.mui_ff8b5358
[2015.03.12 20:39:21 | 000,005,744 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2015.03.12 20:39:21 | 000,693,176 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winload.efi_75834aa0
[2015.03.12 20:39:22 | 000,619,056 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winload.exe_75835076
[2015.03.12 20:39:22 | 000,616,360 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winresume.efi_85cd069f
[2015.03.12 20:39:22 | 000,532,176 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2015.05.05 20:37:09 | 000,000,616 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2015.02.03 05:49:45 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.01.16 07:36:46 | 000,004,141 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_91e62f982ccfb7d0.manifest
[2015.01.27 06:32:05 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_cs-cz_91d08fc02cdfefb2.manifest
[2015.02.03 06:30:16 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_91d591322cdb6e65.manifest
[2015.05.05 20:34:25 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_cs-cz_91cd67042ce2d6ef.manifest
[2015.06.07 21:11:12 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_91aef7d42cf95d70.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2015.02.03 04:51:30 | 000,005,744 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2015.01.16 07:37:02 | 000,005,511 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_b9ca7b209c6d1e03.manifest
[2015.01.27 05:22:06 | 000,005,744 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_b9b4db489c7d55e5.manifest
[2015.02.03 05:17:47 | 000,005,744 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_b9b9dcba9c78d498.manifest
[2015.05.05 20:34:28 | 000,005,744 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_b9b1b28c9c803d22.manifest
[2015.06.07 21:11:14 | 000,005,744 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_b993435c9c96c3a3.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.10 21:46:23 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.05 20:35:56 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_0ca8aa65da1dd3f2\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.06.07 21:11:44 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_0c883aa1da3627c5\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.05 20:35:54 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_0d1e4cccf34bdee0\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.06.07 21:11:44 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_0cffdd9cf3626561\api-ms-win-core-libraryloader-l1-1-0.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \SOFTWARE\The KMPlayer\ImLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Sta×enř software\The KMPlayer\ImLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Stažený software\KMPlayer\ImLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \The KMPlayer\ImLoader.dll
[2013.08.21 12:48:08 | 000,071,208 | ---- | M] () -- \WOT test\PhysXLoader.dll
[2013.08.21 12:48:08 | 000,002,221 | ---- | M] () -- \WOT test\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2013.08.21 12:48:08 | 000,007,015 | ---- | M] () -- \WOT test\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2013.08.21 12:48:08 | 000,003,974 | ---- | M] () -- \WOT test\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2013.08.29 11:52:04 | 000,006,629 | ---- | M] () -- \WOT test\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2013.08.21 12:48:08 | 000,002,773 | ---- | M] () -- \WOT test\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2013.08.21 12:48:08 | 000,001,504 | ---- | M] () -- \WOT test\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2013.08.21 12:48:08 | 000,006,493 | ---- | M] () -- \WOT test\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2013.08.21 12:48:08 | 000,003,668 | ---- | M] () -- \WOT test\res\scripts\client\helpers\rssdownloader.pyc
[2013.08.21 12:48:08 | 000,006,907 | ---- | M] () -- \WOT test\res\scripts\client\tutorial\loader.pyc
[2011.12.06 12:06:24 | 000,429,568 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 13:12:40 | 000,053,640 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Facebook\ZPSPluginLoader.exe
[2011.12.06 12:06:24 | 000,319,488 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Facebook\en\ZPSFacebookUploader.resources.dll
[2011.12.06 12:06:40 | 000,444,416 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 13:12:42 | 000,053,640 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011.12.06 12:06:40 | 000,323,584 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Flickr\en\ZPSFlickrUploader.resources.dll
[2011.03.08 16:09:04 | 000,194,048 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 13:12:40 | 000,053,640 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2010.11.11 11:07:12 | 000,323,584 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Picasa\en\ZPSPicasaUploader.resources.dll
[2011.12.21 17:07:52 | 000,102,792 | ---- | M] () -- \Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2011.12.21 17:08:06 | 000,016,776 | ---- | M] () -- \Zoner\Photo Studio 14\Program32\WICLoader.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 5960 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720
< End of report >
[2016.01.30 21:27:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016.01.30 21:17:18 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.01.30 21:17:18 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.01.30 21:15:13 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\PPTAssistantNotifyTask_test.job
[2016.01.30 21:12:23 | 000,000,596 | ---- | M] () -- C:\Windows\tasks\PPTAssistantUpdateTask_test.job
[2016.01.30 21:10:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016.01.30 21:06:45 | 000,677,826 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016.01.30 21:06:45 | 000,663,248 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016.01.30 21:06:45 | 000,146,712 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016.01.30 21:06:45 | 000,126,378 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016.01.30 21:06:44 | 001,611,912 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016.01.30 21:02:07 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016.01.30 21:02:05 | 000,000,722 | ---- | M] () -- C:\Users\Public\Desktop\MPC Cleaner.lnk
[2016.01.30 21:02:04 | 000,000,534 | ---- | M] () -- C:\Windows\tasks\Datová skartovačka - $RECYCLER .job
[2016.01.30 20:58:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.01.30 20:58:48 | 3177,074,688 | -HS- | M] () -- C:\hiberfil.sys
[2016.01.29 20:55:00 | 001,222,144 | ---- | M] () -- C:\Users\test\Desktop\RSITx64.exe
[2016.01.28 22:13:20 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\test\Desktop\FRSTLauncher.exe
[2016.01.28 22:09:50 | 002,370,560 | ---- | M] (Farbar) -- C:\Users\test\Desktop\FRST64.exe
[2016.01.27 20:58:52 | 000,060,136 | ---- | M] (DotC United Inc) -- C:\Windows\SysNative\drivers\MPCKpt.sys
[2016.01.20 18:43:32 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000Core.job
[2016.01.17 19:57:13 | 000,409,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2016.01.16 20:45:56 | 000,000,401 | ---- | M] () -- C:\Windows\SysNative\Internet.lnk
[2016.01.06 11:57:22 | 001,475,392 | ---- | M] () -- C:\Users\test\Desktop\IMG_2304.JPG
[2016.01.01 20:42:26 | 000,000,401 | ---- | M] () -- C:\Users\test\Desktop\Internet.lnk
[2015.12.31 20:45:29 | 000,000,017 | ---- | M] () -- C:\Windows\SysWow64\history.dat
[2015.12.30 20:08:35 | 005,572,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015.12.30 20:05:33 | 001,730,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015.12.30 20:02:28 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015.12.30 20:02:28 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015.12.30 20:02:28 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015.12.30 20:02:17 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015.12.30 20:01:56 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.12.30 20:01:56 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.12.30 20:01:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015.12.30 20:01:55 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015.12.30 20:01:14 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.12.30 20:01:10 | 001,214,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015.12.30 20:00:23 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015.12.30 19:59:11 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.12.30 19:59:02 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.12.30 19:58:31 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.12.30 19:58:00 | 001,461,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.12.30 19:57:55 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015.12.30 19:57:55 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015.12.30 19:55:46 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015.12.30 19:55:45 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015.12.30 19:54:58 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015.12.30 19:54:58 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015.12.30 19:54:58 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015.12.30 19:54:58 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015.12.30 19:54:58 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015.12.30 19:54:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.12.30 19:54:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015.12.30 19:54:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015.12.30 19:54:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015.12.30 19:54:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015.12.30 19:54:57 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.12.30 19:47:23 | 003,993,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015.12.30 19:47:23 | 003,938,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015.12.30 19:41:32 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015.12.30 19:39:32 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.12.30 19:39:17 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.12.30 19:37:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015.12.30 19:37:35 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.12.30 19:37:35 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015.12.30 19:37:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015.12.30 19:37:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.12.30 19:37:34 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015.12.30 19:37:34 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015.12.30 19:37:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015.12.30 19:37:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015.12.30 19:37:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015.12.30 19:37:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015.12.30 19:37:30 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.12.30 18:57:51 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.12.30 18:50:50 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015.12.30 18:49:09 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015.12.30 18:44:49 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.12.30 18:41:00 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015.12.30 18:32:54 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015.12.30 18:32:53 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015.12.30 18:32:52 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015.12.30 18:32:51 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015.12.30 18:30:40 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015.12.30 18:30:40 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015.12.30 18:30:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015.12.30 18:30:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015.12.29 19:15:41 | 000,000,074 | ---- | M] () -- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[2015.12.27 22:53:00 | 001,382,240 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2015.12.27 22:53:00 | 000,873,464 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2015.12.27 22:53:00 | 000,158,704 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2015.12.27 22:53:00 | 000,075,544 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2015.12.27 22:52:58 | 001,121,864 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2015.12.27 22:52:58 | 000,961,848 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2015.12.27 22:52:58 | 000,749,000 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2015.12.27 22:52:56 | 002,997,504 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2015.12.27 22:52:56 | 002,893,568 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2015.12.27 22:52:54 | 000,343,712 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2015.12.27 22:52:53 | 003,271,912 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2015.12.27 22:52:53 | 000,387,320 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2015.12.27 22:52:53 | 000,195,192 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2015.12.27 22:52:53 | 000,023,704 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2015.12.27 22:52:52 | 000,689,888 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2015.12.27 22:52:52 | 000,214,840 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2015.12.27 22:52:52 | 000,110,984 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2015.12.27 22:52:52 | 000,088,352 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2015.12.27 22:52:50 | 001,351,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2015.12.27 22:52:49 | 004,005,405 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2015.12.27 22:52:49 | 000,321,720 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2015.12.27 22:52:48 | 000,321,720 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2015.12.27 22:52:47 | 002,965,120 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RltkAPO64.dll
[2015.12.27 22:52:44 | 002,028,664 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2015.12.27 22:52:38 | 003,278,408 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2015.12.27 22:52:36 | 001,601,944 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\SysNative\CX64APO.dll
[2015.12.27 22:52:36 | 000,574,760 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2015.12.27 22:52:36 | 000,122,328 | ---- | M] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2015.12.27 22:52:36 | 000,118,600 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2015.12.26 23:26:38 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015.12.18 21:48:06 | 001,587,562 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015.12.15 21:29:09 | 000,024,405 | ---- | M] () -- C:\Users\test\Desktop\Cenik_TP_OA+NA+TK_-201526.pdf
[2015.12.14 21:21:10 | 002,986,442 | ---- | M] () -- C:\Users\test\Desktop\ústavko - zápočtový test II.zip
[2015.12.14 21:20:42 | 002,986,442 | ---- | M] () -- C:\Users\test\Desktop\ústavko - zápočtový test.zip
[2015.12.13 13:50:16 | 000,001,075 | ---- | M] () -- C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Feed Notifier.lnk
[2015.12.12 23:43:06 | 000,001,294 | ---- | M] () -- C:\Users\Public\Desktop\KMPFaster.lnk
[2015.12.12 23:41:01 | 000,000,697 | ---- | M] () -- C:\Users\test\Desktop\KMPlayer.lnk
[2015.12.12 19:30:59 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.12.12 19:16:29 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.12.12 19:15:46 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.12.12 19:15:40 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015.12.12 19:15:09 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.12.12 19:14:59 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.12.12 19:07:27 | 006,051,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.12.12 19:07:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.12.12 19:03:49 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.12.12 19:02:40 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015.12.12 19:02:34 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.12.12 19:02:34 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.12.12 19:02:19 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.12.12 18:55:26 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.12.12 18:51:44 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.12.12 18:44:06 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.12.12 18:40:39 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.12.12 18:39:41 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.12.12 18:37:41 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.12.12 18:37:18 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.12.12 18:37:05 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.12.12 18:36:57 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015.12.12 18:36:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.12.12 18:35:43 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2015.12.12 18:30:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.12.12 18:28:38 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.12.12 18:27:24 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.12.12 18:27:22 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015.12.12 18:27:04 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.12.12 18:23:11 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.12.12 18:22:58 | 000,718,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.12.12 18:21:12 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.12.12 18:20:50 | 002,123,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.12.12 18:14:57 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.12.12 18:12:17 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.12.12 18:10:58 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.12.12 18:08:59 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2015.12.12 18:00:20 | 002,050,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.12.12 18:00:09 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.12.12 17:42:36 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.12.12 17:36:53 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.12.11 23:33:26 | 001,787,189 | ---- | M] () -- C:\Users\test\Desktop\CLS.jpeg
[2015.12.11 19:57:53 | 001,164,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.12.10 20:54:30 | 000,000,013 | ---- | M] () -- C:\Users\test\.pluto.tv
[2015.12.08 22:54:13 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2015.12.08 22:54:13 | 001,568,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2015.12.08 22:54:13 | 001,325,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOE.DLL
[2015.12.08 22:54:13 | 000,902,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2015.12.08 22:54:13 | 000,815,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOE.DLL
[2015.12.08 22:54:13 | 000,740,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2015.12.08 22:54:13 | 000,739,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2015.12.08 22:54:13 | 000,665,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
[2015.12.08 22:54:13 | 000,541,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2015.12.08 22:54:13 | 000,358,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSENCD.DLL
[2015.12.08 22:54:04 | 002,285,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2015.12.08 22:54:00 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\VIDRESZR.DLL
[2015.12.08 22:53:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RESAMPLEDMO.DLL
[2015.12.08 22:53:54 | 001,329,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2015.12.08 22:53:54 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2015.12.08 22:53:54 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2015.12.08 22:53:54 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2015.12.08 22:53:50 | 000,970,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2adec.dll
[2015.12.08 22:53:50 | 000,829,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2015.12.08 22:53:49 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MPG4DECD.DLL
[2015.12.08 22:53:48 | 000,415,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2015.12.08 22:53:48 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MP43DECD.DLL
[2015.12.08 22:53:48 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MP3DMOD.DLL
[2015.12.08 22:53:47 | 003,209,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2015.12.08 22:53:47 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MFWMAAEC.DLL
[2015.12.08 22:53:47 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2015.12.08 22:53:47 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2015.12.08 22:53:47 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfvdsp.dll
[2015.12.08 22:53:44 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2015.12.08 22:53:41 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\devenum.dll
[2015.12.08 22:53:40 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\COLORCNV.DLL
[2015.12.08 22:53:25 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2015.12.08 22:53:19 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2015.12.08 22:53:08 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2015.12.08 22:50:41 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2015.12.08 20:07:52 | 001,955,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2015.12.08 20:07:52 | 001,888,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2015.12.08 20:07:52 | 001,575,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOE.DLL
[2015.12.08 20:07:52 | 001,393,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMALFXGFXDSP.dll
[2015.12.08 20:07:52 | 001,232,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2015.12.08 20:07:52 | 001,153,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOE.DLL
[2015.12.08 20:07:52 | 001,026,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2015.12.08 20:07:52 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2015.12.08 20:07:52 | 000,666,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2015.12.08 20:07:52 | 000,642,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2015.12.08 20:07:52 | 000,447,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSENCD.DLL
[2015.12.08 20:07:46 | 002,777,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2015.12.08 20:07:44 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\VIDRESZR.DLL
[2015.12.08 20:07:42 | 000,378,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SysFxUI.dll
[2015.12.08 20:07:39 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RESAMPLEDMO.DLL
[2015.12.08 20:07:36 | 001,573,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2015.12.08 20:07:36 | 000,624,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2015.12.08 20:07:36 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2015.12.08 20:07:36 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2015.12.08 20:07:33 | 001,307,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2adec.dll
[2015.12.08 20:07:33 | 001,160,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2015.12.08 20:07:32 | 004,121,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2015.12.08 20:07:32 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2015.12.08 20:07:32 | 000,653,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2015.12.08 20:07:32 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MFWMAAEC.DLL
[2015.12.08 20:07:32 | 000,432,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2015.12.08 20:07:32 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MPG4DECD.DLL
[2015.12.08 20:07:32 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MP43DECD.DLL
[2015.12.08 20:07:32 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2015.12.08 20:07:32 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MP3DMOD.DLL
[2015.12.08 20:07:32 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfvdsp.dll
[2015.12.08 20:07:31 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ksuser.dll
[2015.12.08 20:07:28 | 000,632,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2015.12.08 20:07:28 | 000,405,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015.12.08 20:07:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\COLORCNV.DLL
[2015.12.08 20:07:25 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devenum.dll
[2015.12.08 20:07:23 | 000,879,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2015.12.08 20:07:07 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2015.12.08 20:06:59 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2015.12.08 20:06:44 | 000,250,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2015.12.08 20:04:27 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2015.12.08 19:54:36 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2015.12.08 19:12:08 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2015.12.06 14:07:24 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.12.06 13:50:24 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.12.06 13:50:24 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.12.05 21:07:47 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.12.04 23:10:12 | 011,531,536 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETwsw00.sys
[2015.12.04 23:09:36 | 000,458,960 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\k57nd60a.sys
[2015.12.01 10:33:25 | 000,055,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\jnhtnwej.sys
[2015.11.30 22:35:22 | 000,000,476 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015.11.30 18:15:28 | 000,000,000 | -H-- | M] () -- C:\asc_rdflag
[2015.11.28 18:33:45 | 000,393,153 | ---- | M] () -- C:\Users\test\Desktop\Zák. o PČR.pdf
[2015.11.28 00:04:19 | 000,092,415 | ---- | M] () -- C:\Users\test\Desktop\čs.pdf
[2015.11.22 22:16:38 | 000,210,571 | ---- | M] () -- C:\Users\test\Desktop\Daňové přiznání_zápočet.PDF
[2015.11.22 14:02:33 | 000,002,048 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2015.11.20 19:54:59 | 003,170,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.11.20 19:54:59 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.11.20 19:54:59 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.11.20 19:54:59 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.11.20 19:54:59 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.11.20 19:54:58 | 000,709,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.11.20 19:54:28 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.11.20 19:54:18 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.11.20 19:54:15 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.11.20 19:54:15 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.11.20 19:34:36 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.11.20 19:34:36 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.11.20 19:34:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.11.20 19:34:35 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.11.20 19:33:56 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.11.17 02:11:57 | 000,025,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015.11.17 02:08:25 | 000,705,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.11.17 02:08:23 | 000,792,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.11.17 02:08:20 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.11.17 02:08:18 | 001,381,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.11.17 02:08:18 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.11.16 21:17:46 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015.11.14 00:09:16 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll
[2015.11.14 00:09:16 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll
[2015.11.14 00:08:28 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe
[2015.11.13 23:50:01 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll
[2015.11.13 23:49:15 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fixmapi.exe
[2015.11.13 20:59:54 | 000,048,914 | ---- | M] () -- C:\Users\test\Desktop\Já_old school.jpg
[2015.11.11 19:53:48 | 001,735,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2015.11.11 19:53:47 | 000,525,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\catsrvut.dll
[2015.11.11 19:39:34 | 001,242,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2015.11.11 19:39:33 | 000,487,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\catsrvut.dll
[2015.11.10 19:55:29 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2015.11.10 19:55:26 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2015.11.05 20:05:04 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wshrm.dll
[2015.11.05 20:02:52 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wshrm.dll
[2015.11.05 10:53:59 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2015.11.03 20:04:51 | 000,802,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2015.11.03 20:04:37 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\els.dll
[2015.11.03 19:55:58 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\els.dll
[2015.11.02 11:28:48 | 000,000,383 | ---- | M] () -- C:\ftconfig.ini
[7 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016.01.30 21:27:42 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016.01.29 20:54:53 | 001,222,144 | ---- | C] () -- C:\Users\test\Desktop\RSITx64.exe
[2016.01.10 20:54:45 | 000,000,722 | ---- | C] () -- C:\Users\Public\Desktop\MPC Cleaner.lnk
[2016.01.09 21:10:17 | 001,475,392 | ---- | C] () -- C:\Users\test\Desktop\IMG_2304.JPG
[2016.01.01 20:42:26 | 000,000,401 | ---- | C] () -- C:\Users\test\Desktop\Internet.lnk
[2015.12.28 20:56:05 | 000,844,815 | ---- | C] () -- C:\Users\test\Desktop\PSD kurz.jpg
[2015.12.28 20:52:39 | 000,212,665 | ---- | C] () -- C:\Users\test\Desktop\Střelnice.jpg
[2015.12.27 22:52:49 | 004,005,405 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2015.12.26 21:35:50 | 000,000,401 | ---- | C] () -- C:\Windows\SysNative\Internet.lnk
[2015.12.23 15:54:53 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\PPTAssistantNotifyTask_test.job
[2015.12.23 15:54:50 | 000,000,596 | ---- | C] () -- C:\Windows\tasks\PPTAssistantUpdateTask_test.job
[2015.12.18 20:27:58 | 000,036,592 | ---- | C] () -- C:\Users\test\Desktop\4
[2015.12.15 21:29:06 | 000,024,405 | ---- | C] () -- C:\Users\test\Desktop\Cenik_TP_OA+NA+TK_-201526.pdf
[2015.12.14 21:21:10 | 002,986,442 | ---- | C] () -- C:\Users\test\Desktop\ústavko - zápočtový test II.zip
[2015.12.14 21:20:41 | 002,986,442 | ---- | C] () -- C:\Users\test\Desktop\ústavko - zápočtový test.zip
[2015.12.13 13:50:16 | 000,001,075 | ---- | C] () -- C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Feed Notifier.lnk
[2015.12.12 23:43:06 | 000,001,294 | ---- | C] () -- C:\Users\Public\Desktop\KMPFaster.lnk
[2015.12.12 23:42:42 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2015.12.12 23:41:01 | 000,000,697 | ---- | C] () -- C:\Users\test\Desktop\KMPlayer.lnk
[2015.12.11 23:34:10 | 001,787,189 | ---- | C] () -- C:\Users\test\Desktop\CLS.jpeg
[2015.12.10 20:54:30 | 000,000,013 | ---- | C] () -- C:\Users\test\.pluto.tv
[2015.12.06 13:56:21 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\history.dat
[2015.12.06 01:50:01 | 005,693,162 | ---- | C] () -- C:\Users\test\Desktop\Výcvik.jpg
[2015.12.05 21:07:47 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.12.02 21:50:38 | 000,000,074 | ---- | C] () -- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[2015.11.30 22:35:22 | 000,000,476 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015.11.30 18:15:28 | 000,000,000 | -H-- | C] () -- C:\asc_rdflag
[2015.11.28 18:33:44 | 000,393,153 | ---- | C] () -- C:\Users\test\Desktop\Zák. o PČR.pdf
[2015.11.28 00:04:19 | 000,092,415 | ---- | C] () -- C:\Users\test\Desktop\čs.pdf
[2015.11.22 22:16:33 | 000,210,571 | ---- | C] () -- C:\Users\test\Desktop\Daňové přiznání_zápočet.PDF
[2015.11.22 14:02:33 | 000,002,048 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2015.11.22 14:02:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015.11.14 00:20:03 | 000,261,142 | ---- | C] () -- C:\Users\test\Desktop\Já_ZOP.jpg
[2015.11.13 20:59:53 | 000,048,914 | ---- | C] () -- C:\Users\test\Desktop\Já_old school.jpg
[2015.11.02 11:28:48 | 000,000,383 | ---- | C] () -- C:\ftconfig.ini
[2015.07.29 22:05:17 | 037,748,880 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2014.11.30 22:21:28 | 000,001,822 | ---- | C] () -- C:\Windows\vm331Rmv.ini
[2014.11.30 22:21:28 | 000,001,822 | ---- | C] () -- C:\Windows\SysWow64\vm331Rmv.ini
[2012.03.20 23:26:52 | 000,000,017 | ---- | C] () -- C:\Users\test\AppData\Local\resmon.resmoncfg
[2012.01.15 19:42:15 | 000,000,092 | ---- | C] () -- C:\Users\test\AppData\Local\fusioncache.dat
[2012.01.14 13:45:24 | 000,008,192 | ---- | C] () -- C:\Users\test\AppData\Roaming\records_db
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.08.06 19:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.08.06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014.12.10 21:40:42 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\AVG
[2013.09.18 21:35:37 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Babylon
[2012.01.14 15:52:22 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Canneverbe Limited
[2013.04.29 18:57:13 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Canon
[2016.01.10 18:00:59 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\eCyber
[2012.02.26 20:38:22 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\ESET
[2012.07.07 12:54:19 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Fighters
[2012.01.24 22:02:26 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\GHISLER
[2013.01.29 21:50:29 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Inv Softworks
[2015.12.01 11:39:38 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\IObit
[2015.12.23 21:05:35 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\kingsoft
[2012.07.09 20:52:28 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Nokia
[2015.12.10 20:49:58 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\OpenCandy
[2015.12.18 18:00:17 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Opera Software
[2012.01.15 09:16:14 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\PC Suite
[2015.12.23 15:55:36 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\pptassist
[2015.11.05 21:03:35 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\ProductData
[2014.12.10 21:36:09 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\RHEng
[2014.06.13 19:44:31 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\SanDisk
[2013.09.19 17:42:42 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\SanDisk SecureAccess
[2016.01.16 23:44:02 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Seznam Browser
[2014.11.30 16:39:53 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\SketchUp
[2014.04.06 16:28:19 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\systweak
[2015.12.14 20:42:10 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\TSv
[2016.01.30 21:02:52 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\ViberPC
[2012.03.20 21:30:37 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\wargaming.net
[2015.12.30 21:14:24 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\WinZipper
[2012.04.02 10:46:29 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,568 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.04.13 19:49:10 | 000,000,956 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000Core.job
[2012.04.13 19:49:11 | 000,000,978 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000UA.job
[2012.11.06 10:53:26 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.01.30 23:01:44 | 000,000,534 | ---- | C] () -- C:\Windows\Tasks\Datová skartovačka - $RECYCLER .job
[2013.05.17 18:53:17 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.17 18:53:18 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015.12.23 15:54:50 | 000,000,596 | ---- | C] () -- C:\Windows\Tasks\PPTAssistantUpdateTask_test.job
[2015.12.23 15:54:53 | 000,000,326 | ---- | C] () -- C:\Windows\Tasks\PPTAssistantNotifyTask_test.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015.04.11 05:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015.04.13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015.04.13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.11.26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
< >
< %systemroot%*.* /U /s >
[53 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[72 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\357c8435a7f80800732a3f695f44b143\*.tmp files -> C:\Windows\SoftwareDistribution\Download\357c8435a7f80800732a3f695f44b143\*.tmp -> ]
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[5 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[10 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.01.14 12:08:19 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Adobe
[2013.10.21 18:44:55 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Apple Computer
[2014.12.10 21:40:42 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\AVG
[2013.09.18 21:35:37 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Babylon
[2012.01.14 15:52:22 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Canneverbe Limited
[2013.04.29 18:57:13 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Canon
[2013.01.12 07:39:08 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\dvdcss
[2016.01.10 18:00:59 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\eCyber
[2012.02.26 20:38:22 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\ESET
[2012.07.07 12:54:19 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Fighters
[2012.01.24 22:02:26 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\GHISLER
[2012.01.14 16:52:13 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Identities
[2012.01.14 17:22:14 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\InstallShield
[2012.01.14 11:35:50 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Intel
[2013.01.29 21:50:29 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Inv Softworks
[2015.12.01 11:39:38 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\IObit
[2015.12.23 21:05:35 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\kingsoft
[2012.01.14 11:14:29 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Macromedia
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Media Center Programs
[2015.08.11 20:48:40 | 000,000,000 | --SD | M] -- C:\Users\test\AppData\Roaming\Microsoft
[2015.12.03 22:35:53 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Mozilla
[2012.07.09 20:52:28 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Nokia
[2015.12.10 20:49:58 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\OpenCandy
[2015.12.18 18:00:17 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Opera Software
[2012.01.15 09:16:14 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\PC Suite
[2015.12.23 15:55:36 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\pptassist
[2015.11.05 21:03:35 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\ProductData
[2014.12.10 21:36:09 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\RHEng
[2014.06.13 19:44:31 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\SanDisk
[2013.09.19 17:42:42 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\SanDisk SecureAccess
[2012.01.15 08:43:50 | 000,000,000 | RH-D | M] -- C:\Users\test\AppData\Roaming\SecuROM
[2016.01.16 23:44:02 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Seznam Browser
[2014.11.30 16:39:53 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\SketchUp
[2015.04.24 20:39:25 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Skype
[2014.04.06 16:28:19 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\systweak
[2015.12.14 20:42:10 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\TSv
[2016.01.30 21:02:52 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\ViberPC
[2015.03.10 21:41:22 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Vidalia
[2013.01.19 17:32:38 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\vlc
[2012.03.20 21:30:37 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\wargaming.net
[2012.01.23 22:55:28 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\WinRAR
[2015.12.30 21:14:24 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\WinZipper
[2012.04.02 10:46:29 | 000,000,000 | ---D | M] -- C:\Users\test\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2014.11.30 22:10:05 | 000,777,504 | ---- | M] () -- C:\Users\test\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
[2014.11.30 22:09:32 | 002,197,280 | ---- | M] (IObit) -- C:\Users\test\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe
[2015.12.25 13:05:13 | 000,098,664 | ---- | M] (Zhuhai Kingsoft Office Software Co.,Ltd) -- C:\Users\test\AppData\Roaming\kingsoft\pptassist\update\down\fileconn.exe
[2015.12.23 21:05:20 | 000,744,312 | ---- | M] () -- C:\Users\test\AppData\Roaming\kingsoft\pptassist\update\down\ktpcntrstp1.exe
[2015.08.11 20:48:40 | 000,119,808 | R--- | M] () -- C:\Users\test\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
[2015.11.30 22:18:44 | 000,316,192 | ---- | M] () -- C:\Users\test\AppData\Roaming\OpenCandy\18E5C91826A54A20BA3E880A9262467B\setup.exe
[2013.09.18 21:36:54 | 000,914,400 | ---- | M] () -- C:\Users\test\AppData\Roaming\OpenCandy\5299BA8CFCCC4DAABE9ABD4B9E70BEB0\PasswordBoxCHSTORE_p1v0.exe
[2013.09.20 14:57:47 | 000,914,400 | ---- | M] () -- C:\Users\test\AppData\Roaming\OpenCandy\761C38E6E98245568CA59F1F755014F4\PasswordBoxCHSTORE_p1v0.exe
[2013.01.29 03:33:10 | 032,682,184 | ---- | M] (SweetLabs,Inc.) -- C:\Users\test\AppData\Roaming\OpenCandy\98BB92F0F51F45BEB7D7CD269C74D982\version51030bc4470a0.exe
[2015.12.10 20:52:49 | 072,500,800 | ---- | M] (Pluto TV ) -- C:\Users\test\AppData\Roaming\OpenCandy\A1933B7FF7C84BF4A20F793635560AEB\PlutoTVSetup0910.exe
[2016.01.20 19:01:20 | 000,576,872 | ---- | M] (珠海金山办公软件有限公司) -- C:\Users\test\AppData\Roaming\pptassist\update\down\tbdtip1.exe
[2014.12.10 21:38:08 | 048,113,464 | ---- | M] (AVG Technologies) -- C:\Users\test\AppData\Roaming\RHEng\71420DF166904D6AA7EA4D53EFA12922\AVG-PC-TuneUp2015_CS_2200604.exe
[2014.12.10 21:43:25 | 000,683,104 | ---- | M] (Opera Software) -- C:\Users\test\AppData\Roaming\RHEng\7ADB81964F9442E5AB79E132191EFA3C\Opera_NI_stable.exe
[2012.02.14 08:39:36 | 030,705,792 | ---- | M] (Gemalto N.V.) -- C:\Users\test\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
[2015.01.20 10:22:10 | 001,490,944 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\ImportFavs.exe
[2015.01.28 11:55:26 | 004,777,984 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\nwsnapshot.exe
[2015.09.30 18:00:20 | 000,057,024 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\restart.exe
[2015.12.15 13:50:36 | 000,040,120 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\restartBack.exe
[2016.01.13 15:01:36 | 046,373,056 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\Seznam.cz.exe
[2015.10.22 20:23:46 | 000,116,219 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\uninstall.exe
[2015.06.18 15:48:04 | 000,167,936 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\unzip.exe
[2015.12.07 14:31:14 | 000,245,248 | ---- | M] (Paralint.com) -- C:\Users\test\AppData\Roaming\Seznam Browser\node_modules\node-notifier\vendor\notifu\notifu.exe
[2015.12.07 14:31:14 | 000,323,584 | ---- | M] (Paralint.com) -- C:\Users\test\AppData\Roaming\Seznam Browser\node_modules\node-notifier\vendor\notifu\notifu64.exe
[2015.12.07 14:31:14 | 000,014,848 | ---- | M] () -- C:\Users\test\AppData\Roaming\Seznam Browser\node_modules\node-notifier\vendor\toaster\toast.exe
[2015.12.08 09:05:54 | 000,580,752 | ---- | M] (tsvr.com) -- C:\Users\test\AppData\Roaming\TSv\TSvr.exe
[2015.12.30 21:14:29 | 000,432,128 | ---- | M] (equal max) -- C:\Users\test\AppData\Roaming\WinZipper\update\zip_update_v1.5.132.exe
[2016.01.20 19:18:09 | 002,921,072 | ---- | M] () -- C:\Users\test\AppData\Roaming\WinZipper\update\zip_update_v1.5.137.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2015.12.06 14:07:24 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2016.01.30 21:02:04 | 000,000,534 | ---- | M] () -- C:\Windows\Tasks\Datová skartovačka - $RECYCLER .job
[2016.01.20 18:43:32 | 000,000,956 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000Core.job
[2015.02.09 19:34:20 | 000,000,978 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000UA.job
[2016.01.30 21:02:07 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2016.01.30 22:10:04 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2016.01.30 22:15:02 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\PPTAssistantNotifyTask_test.job
[2016.01.30 22:12:40 | 000,000,596 | ---- | M] () -- C:\Windows\Tasks\PPTAssistantUpdateTask_test.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"GoogleChromeAutoLaunch_1B0E81B795B08FCFC87354BB5741BA8D" = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window -- [2016.01.12 17:36:02 | 000,748,360 | ---- | M] (Google Inc.)
"apphide" = C:\Program Files (x86)\baidu\ppt.exe -- [2015.10.21 22:09:34 | 000,081,920 | -H-- | M] ()
"Viber" = "C:\Users\test\AppData\Local\Viber\Viber.exe" StartMinimized -- [2015.11.09 11:26:08 | 051,657,424 | ---- | M] ()
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2015.11.16 17:54:04 | 008,591,272 | ---- | M] (Piriform Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015.12.23 23:52:08 | 000,815,304 | ---- | M] (Microsoft Corporation) MD5=0E5C2FBD4CF9CB08DCDA586247195FF2 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2016.01.12 17:36:02 | 000,748,360 | ---- | M] (Google Inc.) MD5=23294E80AF6A4C653522D12A391933A1 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2016.01.30 21:27:42 | 000,000,512 | ---- | M] () MD5=B04F9F998A9F71EDAED5DCC5481DAA97 -- C:\PhysicalMBR.bin
[3 C:\*.tmp files -> C:\*.tmp -> ]
< >
< *crack* /s >
[2014.02.05 18:41:19 | 000,213,184 | ---- | M] () -- \Hry\World_of_Tanks\res\audio\objects_ice_crack.fsb
< *keygen* /s >
< *loader* /s >
[2015.05.15 15:27:10 | 000,060,712 | ---- | M] () -- \Common Files\Apple\Apple Application Support\YSLoader.exe
[2015.04.26 13:02:04 | 000,043,816 | ---- | M] () -- \Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
[2015.04.26 13:02:04 | 001,505,576 | ---- | M] () -- \Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader_main.dll
[2014.09.03 00:27:24 | 000,268,432 | ---- | M] () -- \Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2014.09.03 00:27:24 | 000,019,096 | ---- | M] () -- \Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2015.07.24 05:22:02 | 001,176,720 | ---- | M] () -- \GFExperience\ExtensionLoader.dll
[2013.01.09 18:20:26 | 000,071,208 | ---- | M] () -- \Hry\World_of_Tanks\PhysXLoader.dll
[2015.11.11 16:13:56 | 000,009,971 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\app_loader\loader.pyc
[2015.11.11 16:13:56 | 000,001,512 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2015.11.11 16:13:56 | 000,002,209 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2015.11.11 16:13:56 | 000,007,130 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2015.11.11 16:13:56 | 000,003,955 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2015.11.11 16:13:56 | 000,002,753 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2015.11.11 16:13:59 | 000,001,519 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2015.11.11 16:13:59 | 000,006,157 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2015.11.11 16:14:00 | 000,011,861 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\gui\shared\remotedatadownloader.pyc
[2015.11.11 16:14:00 | 000,003,419 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2015.11.11 16:14:02 | 000,011,524 | ---- | M] () -- \Hry\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2015.11.11 16:07:35 | 000,011,336 | ---- | M] () -- \Hry\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2015.11.11 16:07:35 | 000,049,402 | ---- | M] () -- \Hry\World_of_Tanks\res_bw\scripts\common\lib\unittest\test\test_loader.pyc
[2013.08.15 21:27:46 | 000,010,773 | ---- | M] () -- \IObit\Advanced SystemCare 6\Downloader.log
[2015.04.08 15:33:08 | 002,163,488 | ---- | M] () -- \IObit\Advanced SystemCare 8\ActionCenterDownloader.exe
[2015.06.23 13:41:58 | 002,193,728 | ---- | M] () -- \IObit\Driver Booster\IObitDownloader.exe
[2015.07.06 14:31:20 | 002,193,728 | ---- | M] () -- \IObit\Driver Booster\Freeware\IObitDownloader.exe
[2015.01.09 17:46:14 | 002,157,344 | ---- | M] () -- \IObit\IObit Malware Fighter\IMF_ActionCenterDownloader.exe
[2015.01.19 21:04:52 | 002,158,880 | ---- | M] () -- \IObit\IObit Uninstaller\Downloader.exe
[2015.01.14 19:51:39 | 002,156,832 | ---- | M] () -- \IObit\IObit Uninstaller\IObitDownloader.exe
[2015.01.16 16:19:22 | 002,161,440 | ---- | M] () -- \IObit\Smart Defrag 4\ActionCenterDownloader.exe
[2015.01.19 16:23:36 | 002,161,440 | ---- | M] () -- \IObit\Smart Defrag 4\Freeware\SD_FreeSoftwareDownloader.exe
[2015.07.24 05:22:13 | 000,916,112 | ---- | M] () -- \NVI2\NVDownloader.dll
[2015.07.24 05:21:16 | 000,028,430 | ---- | M] () -- \NVI2\NVI2DownloaderExt.CFG
[2015.07.24 05:22:13 | 000,828,048 | ---- | M] () -- \NVI2\NVI2DownloaderExt.DLL
[2015.07.24 05:22:02 | 001,176,720 | ---- | M] () -- \NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2015.07.25 00:28:36 | 000,057,592 | ---- | M] () -- \NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2015.07.25 00:28:36 | 000,065,784 | ---- | M] () -- \NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2015.07.25 00:28:36 | 000,073,976 | ---- | M] () -- \NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2015.07.25 00:28:36 | 000,090,872 | ---- | M] () -- \NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2015.07.25 00:28:36 | 000,057,592 | ---- | M] () -- \PhysX\files\Common\PhysXLoader.dll
[2015.07.25 00:28:36 | 000,065,784 | ---- | M] () -- \PhysX\files\Common\PhysXLoader64.dll
[2015.07.25 00:28:36 | 000,073,976 | ---- | M] () -- \PhysX\files\Common\PhysXUpdateLoader.dll
[2015.07.25 00:28:36 | 000,090,872 | ---- | M] () -- \PhysX\files\Common\PhysXUpdateLoader64.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.10 21:46:23 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.05 20:35:55 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_68c745e9927b4528\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.06.07 21:11:44 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_68a6d625929398fb\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:28:21 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.05 20:35:54 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_693ce850aba95016\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.06.07 21:11:43 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_691e7920abbfd697\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.12 20:39:18 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.03.12 20:39:18 | 000,033,208 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winload.efi.mui_35ee487d
[2015.03.12 20:39:18 | 000,034,752 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winload.exe.mui_3bc5b827
[2015.03.12 20:39:18 | 000,029,624 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winresume.efi.mui_f412814e
[2015.03.12 20:39:18 | 000,030,136 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winresume.exe.mui_ff8b5358
[2015.03.12 20:39:21 | 000,005,744 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2015.03.12 20:39:21 | 000,693,176 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winload.efi_75834aa0
[2015.03.12 20:39:22 | 000,619,056 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winload.exe_75835076
[2015.03.12 20:39:22 | 000,616,360 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winresume.efi_85cd069f
[2015.03.12 20:39:22 | 000,532,176 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2015.05.05 20:37:09 | 000,000,616 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2015.02.03 05:49:45 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.01.16 07:36:46 | 000,004,141 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_91e62f982ccfb7d0.manifest
[2015.01.27 06:32:05 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_cs-cz_91d08fc02cdfefb2.manifest
[2015.02.03 06:30:16 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_91d591322cdb6e65.manifest
[2015.05.05 20:34:25 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_cs-cz_91cd67042ce2d6ef.manifest
[2015.06.07 21:11:12 | 000,004,431 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_91aef7d42cf95d70.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2015.02.03 04:51:30 | 000,005,744 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2015.01.16 07:37:02 | 000,005,511 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_b9ca7b209c6d1e03.manifest
[2015.01.27 05:22:06 | 000,005,744 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_b9b4db489c7d55e5.manifest
[2015.02.03 05:17:47 | 000,005,744 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_b9b9dcba9c78d498.manifest
[2015.05.05 20:34:28 | 000,005,744 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_b9b1b28c9c803d22.manifest
[2015.06.07 21:11:14 | 000,005,744 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_b993435c9c96c3a3.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.10 21:46:23 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.05 20:35:56 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_0ca8aa65da1dd3f2\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.06.07 21:11:44 | 000,003,584 | -H-- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_0c883aa1da3627c5\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.05 20:35:54 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_0d1e4cccf34bdee0\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.06.07 21:11:44 | 000,003,584 | ---- | M] () -- \Přesunuto z CÉČKA\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_0cffdd9cf3626561\api-ms-win-core-libraryloader-l1-1-0.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \SOFTWARE\The KMPlayer\ImLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Sta×enř software\The KMPlayer\ImLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Stažený software\KMPlayer\ImLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \The KMPlayer\ImLoader.dll
[2013.08.21 12:48:08 | 000,071,208 | ---- | M] () -- \WOT test\PhysXLoader.dll
[2013.08.21 12:48:08 | 000,002,221 | ---- | M] () -- \WOT test\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2013.08.21 12:48:08 | 000,007,015 | ---- | M] () -- \WOT test\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2013.08.21 12:48:08 | 000,003,974 | ---- | M] () -- \WOT test\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2013.08.29 11:52:04 | 000,006,629 | ---- | M] () -- \WOT test\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2013.08.21 12:48:08 | 000,002,773 | ---- | M] () -- \WOT test\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2013.08.21 12:48:08 | 000,001,504 | ---- | M] () -- \WOT test\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2013.08.21 12:48:08 | 000,006,493 | ---- | M] () -- \WOT test\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2013.08.21 12:48:08 | 000,003,668 | ---- | M] () -- \WOT test\res\scripts\client\helpers\rssdownloader.pyc
[2013.08.21 12:48:08 | 000,006,907 | ---- | M] () -- \WOT test\res\scripts\client\tutorial\loader.pyc
[2011.12.06 12:06:24 | 000,429,568 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 13:12:40 | 000,053,640 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Facebook\ZPSPluginLoader.exe
[2011.12.06 12:06:24 | 000,319,488 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Facebook\en\ZPSFacebookUploader.resources.dll
[2011.12.06 12:06:40 | 000,444,416 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 13:12:42 | 000,053,640 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011.12.06 12:06:40 | 000,323,584 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Flickr\en\ZPSFlickrUploader.resources.dll
[2011.03.08 16:09:04 | 000,194,048 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 13:12:40 | 000,053,640 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2010.11.11 11:07:12 | 000,323,584 | ---- | M] () -- \Zoner\Photo Studio 14\Plugins\Picasa\en\ZPSPicasaUploader.resources.dll
[2011.12.21 17:07:52 | 000,102,792 | ---- | M] () -- \Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2011.12.21 17:08:06 | 000,016,776 | ---- | M] () -- \Zoner\Photo Studio 14\Program32\WICLoader.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 5960 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720
< End of report >
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zdravím, žádám o pomoc s pomalým ntb. (IObit již odinst.
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text:
Po restartu se objevi novy log, ten sem dejte.
Do spodniho okna vlozte nasledujici text:
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.:OTL
[2016.01.20 19:01:20 | 000,576,872 | ---- | M] (珠海金山办公软件有限公司) -- C:\Users\test\AppData\Roaming\pptassist\update\down\tbdtip1.exe
@Alternate Data Stream - 5960 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720
PRC - [2015.11.30 22:13:38 | 000,325,632 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\snsc5768.tmp
PRC - [2015.11.30 22:13:36 | 000,516,608 | ---- | M] () -- C:\Users\test\AppData\Local\35B51072-1448921610-E111-A818-DC0EA173A626\onsc576A.tmp
PRC - [2015.11.30 22:12:42 | 000,617,984 | ---- | M] () -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\hnsx7C94.tmp
PRC - [2015.11.30 22:12:35 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\35B51072-1448917933-E111-A818-DC0EA173A626\jnss6155.tmp
MOD - [2016.01.30 21:05:21 | 000,011,264 | ---- | M] () -- C:\Users\test\AppData\Local\Temp\nsm281A.tmp\System.dll
SRV - [2015.11.23 20:41:28 | 000,956,136 | ---- | M] (Spigot, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ProgramManager\ProgramManager.exe -- (Program Manager)
SRV - [2015.11.20 17:44:02 | 000,955,056 | ---- | M] (Spigot, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yoursites123.com/web/?type=d ... 16W7116&q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.yoursites123.com/web/?type=d ... 16W7116&q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yoursites123.com/web/?type=d ... 16W7116&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yoursites123.com/web/?type=d ... 16W7116&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.yoursites123.com/web/?type=d ... 16W7116&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\..\SearchScopes,DefaultScope = {ielnksrch}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKLM\..\SearchScopes\ielnksrch: "URL" = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Zh8mg,,&q={searchTerms}
IE - HKU\.DEFAULT\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {356C663A-29A7-4B26-BB5A-1C70D8F4AB2A}
IE - HKU\.DEFAULT\..\SearchScopes\{356C663A-29A7-4B26-BB5A-1C70D8F4AB2A}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yoursites123.com/web/?type=d ... 16W7116&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Zh8mg,,&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Zh8mg,,&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Zh8mg,,&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes,DefaultScope = {18F9ACFF-FA75-4830-AEF8-CE6B65598CE5}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.dalesearch.com/?q={searchTer ... 9&tsp=5011
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{18F9ACFF-FA75-4830-AEF8-CE6B65598CE5}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.yoursites123.com/web/?type=d ... 16W7116&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{53D943B4-F4B8-4035-9026-260DEFD2C4B6}: "URL" = http://search.eshield.com/serp?guid={8C ... earchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={6F36 ... 2012-05-08 20:50:27&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{D83A9746-0573-4C41-B746-32EAF5C87A8E}: "URL" = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=13043D62-C29A-487F-AC62-399604DD8FAA&apn_sauid=526A3A61-C0D7-4F22-AE24-2B7FF1E2A618
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 0EA173A626}
IE - HKU\S-1-5-21-721941654-2744527999-12510684-1000\..\SearchScopes\{ielnksrch}: "URL" = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Zh8mg,,&q={searchTerms}
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: File not found
[2015.12.23 20:52:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\6aicucig.default\extensions
[2015.11.30 22:22:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\6aicucig.default\extensions\1448918575_xpi
[2015.11.30 23:06:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\6aicucig.default\extensions\1448921190_xpi
[2015.12.20 14:32:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\hdiuo2ez.default\extensions
[2015.12.23 20:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions
[2015.11.30 04:03:12 | 000,008,838 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\6aicucig.default\extensions\{1c09e4c9-0906-443a-aa55-b0db4716d743}.xpi
[2012.02.23 22:44:48 | 000,021,707 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\adapter@babylontc.com.xpi
[2012.02.23 22:44:49 | 000,011,148 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\ocr@babylon.com.xpi
[2015.11.30 04:03:12 | 000,008,838 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\{1c09e4c9-0906-443a-aa55-b0db4716d743}.xpi
[2013.05.03 10:01:54 | 000,169,792 | ---- | M] () (No name found) -- C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\ojq716qt.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdnfmoippfkddcakmbeaglgjcfcfcfmk\1.1.4_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpnkfkmdhgomemhogjdianppfjkaddcc\3.3_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkmjljdbbgogihjcapfhgkonfmccbffp\1.5_1\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip\1.1.5_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\iccdakfilccajeijdfklolcafehhoika\4.67.1.26152_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce\3.2.2_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.4.1_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pagmklehiaheilihklokljahmoihkjni\1_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak\0.2.987_0\
CHR - Extension: No name found = C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE64.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\23.8\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto File not found
O4 - HKU\.DEFAULT..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun File not found
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto File not found
O4 - HKU\S-1-5-18..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Translate this web page with Babylon - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8:64bit: - Extra context menu item: Translate with Babylon - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/Action.htm File not found
O8 - Extra context menu item: Translate this web page with Babylon - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/Action.htm File not found
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://D:\Stažený software\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O18 - Protocol\Handler\ms-help - No CLSID value found
O33 - MountPoints2\{46ca87fe-3e96-11e1-bb0d-dc0ea173a626}\Shell - "" = AutoRun
O33 - MountPoints2\{46ca87fe-3e96-11e1-bb0d-dc0ea173a626}\Shell\AutoRun\command - "" = G:\AutoRunCD.exe
O33 - MountPoints2\{72347dc4-65c9-11e1-9ce7-e4d53ddb5633}\Shell - "" = AutoRun
O33 - MountPoints2\{72347dc4-65c9-11e1-9ce7-e4d53ddb5633}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000Core.job
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Windows\SysNative\drivers\jnhtnwej.sys
C:\Users\test\AppData\Roaming\Babylon
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000Core.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-721941654-2744527999-12510684-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files (x86)\IObit Apps Toolbar
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
Po restartu se objevi novy log, ten sem dejte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?