Niečo som odstránil ale neviem asi nie všetko proces Samsung Link.exe mi vyťažuje všetky jadrá na100%.
-
Logfile of random's system information tool 1.10 (written by random/random)
Run by Bax2013 at 2016-07-14 23:04:13
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 50 GB (44%) free of 114 GB
Total RAM: 16325 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:04:29, on 14. 7. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18347)
Boot mode: Normal
Running processes:
D:\Program Files (x86)\AI Suite II\AsRoutineController.exe
D:\Program Files (x86)\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
C:\VIA_XHCI\usb3Monitor.exe
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
D:\Program Files (x86)\AI Suite II\EPU\EPUHelp.exe
D:\Program Files (x86)\AI Suite II\AI Suite II.exe
D:\Program Files (x86)\Samsung\Kies\Kies.exe
D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Internet Download Manager\IDMan.exe
D:\Program Files (x86)\Nuance\PaperPort\xdcla.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
D:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
D:\Program Files (x86)\Alt-Tab Thingy v4\attmain.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Program Files (x86)\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
F:\Program Files (x86)\Mozilla Firefox\firefox.exe
F:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
E:\ProgNeinst\totalcmd _totalcommander-v-7-56a\TOTALCMD.EXE
E:\ProgNeinst\AD-WarePortable04\AdAware\Ad-Watch.exe
D:\Program Files\update\realsched.exe
C:\Program Files\trend micro\Bax2013.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.attirerpage.com/?type=hp&ts= ... XXZ300DQ0K
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.attirerpage.com/search/?type ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.attirerpage.com/search/?type ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.attirerpage.com/?type=hp&ts= ... XXZ300DQ0K
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Launcher6015B] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015B
O4 - HKLM\..\Run: [DocuPrint 6015B RUN] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
O4 - HKLM\..\Run: [StatusAutoRun6015B] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015B,hide,\S
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [KiesTrayAgent] D:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [Alt-Tab Thingy] "D:\Program Files (x86)\Alt-Tab Thingy v4\attmain.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Namedate] E:\ProgNeinst\Nezmeskaj\nezmeskej.exe s s
O4 - HKCU\..\Run: [ISUSPM Startup] c:\progra~2\common~1\instal~1\update~1\isuspm.exe -startup
O4 - HKCU\..\Run: [KiesPreload] D:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesPDLR] D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Bax2013\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [KiesPDLR.exe] D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Bax2013\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Global Startup: Image Retriever.lnk = D:\Program Files (x86)\Nuance\PaperPort\xdcla.exe
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: Stiahnuť s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: ,C:\Windows\Jaksta\AC\x86\jaudcap.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: cktSvc - Unknown owner - C:\Program Files (x86)\Uncheckit\cktSvc.exe (file missing)
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: DTSAudioSvc - DTS, Inc - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - D:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard Agent Service (Guard Agent) - CHENGDU YIWO Tech Development Co., Ltd - D:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Samsung Electronics Co.,Ltd - D:\Program Files\Samsung Link\Samsung Link.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Windows Media Player - služba zdieľania v sieti (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XRcnStatutsDatabase (XRNADB) - Unknown owner - C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
--
End of file - 15918 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
C:\Windows\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k gpsvcgroup
c:\windows\system32\svchost.exe -k networkservice
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
\??\C:\Windows\system32\conhost.exe "-516553787782580360-6223218081690148972-1249063818-1086051685-849636881-1515114656
taskeng.exe {5026B5BB-638F-491E-A0EB-C87E725B3AFC}
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe"
"D:\Program Files (x86)\AI Suite II\AsRoutineController.exe" -open
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe"
"D:\Program Files (x86)\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe"
"C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe"
c:\windows\system32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe"
"C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe"
"D:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe"
"D:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
"D:\Program Files\Samsung Link\Samsung Link.exe"
"D:\Program Files\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P
"C:\VIA_XHCI\usb3Monitor.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
"F:\Program Files\SoftPerfect RAM Disk\ramdiskws.exe" /hide
"D:\Program Files (x86)\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
c:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe" /TUStart /pid:4524
"E:\ProgNeinst\+INTERNET\networx_portable\64-bit\networx.exe" /auto
C:\Windows\system32\wbem\wmiprvse.exe
"D:\Program Files (x86)\AI Suite II\EPU\EPUHelp.exe" -Init
"D:\Program Files\Samsung Link\Samsung Link Tray Agent.exe"
"D:\Program Files (x86)\AI Suite II\AI Suite II.exe" -hide
"D:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
C:\Windows\System32\vds.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" Run
"C:\Program Files\Internet Download Manager\IDMan.exe" /onboot
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
c:\windows\system32\svchost.exe -k localservicepeernet
"D:\Program Files (x86)\Nuance\PaperPort\xdcla.exe" /x
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015B
"C:\Program Files\Internet Download Manager\IEMonitor.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015B,hide,\S
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe"
\??\C:\Windows\system32\conhost.exe "908130077-1935963390-1883864619-1717369027-446953494-703692974-13838611081183133495
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe"
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" -nogui
\??\C:\Windows\system32\conhost.exe "1233166400-18397629547523876691996628929-2131270795678090752036285076-953313614
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"D:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"D:\Program Files (x86)\Alt-Tab Thingy v4\attmain.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"D:\Program Files (x86)\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
taskeng.exe {02DB35B3-EAE9-4830-97C5-D69A7E172FBC}
"F:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\taskmgr.exe" /1
"F:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="7416.0.356333600\1994041899" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll" -greomni "F:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "F:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "F:\Program Files (x86)\Mozilla Firefox\browser" CE58E082EB2E4D8D 7416 "\\.\pipe\gecko-crash-server-pipe.7416" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe" --proxy-stub-channel=Flash10732.56DA87E0.21120 --host-broker-channel=Flash10732.56DA87E0.1362 --host-pid=10732 --host-npapi-version=29 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe" --channel=760.006AF5D0.1301763478 --proxy-stub-channel=Flash10732.56DA87E0.21120 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll" --host-npapi-version=29 --type=renderer
"E:\ProgNeinst\totalcmd _totalcommander-v-7-56a\TOTALCMD.EXE"
"E:\ProgNeinst\AD-WarePortable04\AdAware\Ad-Watch.exe"
"D:\Program Files\update\realsched.exe" -restart
taskeng.exe {B050D525-51EA-4129-9A77-AB0656DF9DD6}
"P:\+Download\+IDM\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1391750300-441857230-858820617-1000Core.job - C:\Users\Bax2013\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1391750300-441857230-858820617-1000UA.job - C:\Users\Bax2013\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.nicesearches.com?type=hp&ts= ... 5mfzac9tcm"
prefs.js - "keyword.URL" - "http://www.yessearches.com/chrome.php?u ... toolbar&q="
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=D:\Program Files\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=D:\Program Files\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\PDF Architect 2]
"Description"=
"Path"=C:\Program Files (x86)\PDF Architect 2\np-previewer.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\
nice.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC64.dll [2015-09-28 484888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-07 553024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-30 902624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-07 214080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-09-28 422936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-07 461888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-30 679680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-06-01 629432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-07 173120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-05-27 7188552]
"RtHDVBg_DTS"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-05-20 1308232]
"VIAxHCUtl"=C:\VIA_XHCI\usb3Monitor.exe [2011-07-12 331776]
"RAMDiskForWorkstations"=F:\Program Files\SoftPerfect RAM Disk\RAMDiskWS.exe [2014-06-18 5035216]
"NetWorx"=E:\ProgNeinst\+INTERNET\networx_portable\64-bit\networx.exe [2016-02-02 7791432]
"Samsung Link"=D:\Program Files\Samsung Link\Samsung Link Tray Agent.exe [2016-03-09 615144]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Namedate"=E:\ProgNeinst\Nezmeskaj\nezmeskej.exe [2002-07-03 523776]
"ISUSPM Startup"=c:\progra~2\common~1\instal~1\update~1\isuspm.exe [2005-02-16 221184]
"KiesPreload"=D:\Program Files (x86)\Samsung\Kies\Kies.exe [2015-04-28 1566016]
"KiesPDLR"=D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2015-04-28 1015104]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2014-06-17 39408]
"Dropbox Update"=C:\Users\Bax2013\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19 134512]
"KiesPDLR.exe"=D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2015-04-28 1015104]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2015-11-10 3911248]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro]
D:\Program Files (x86)\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe [2003-09-12 278528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pcmgr]
C:\Program Files (x86)\ppt\Uninst.exe [2015-12-28 1571296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pokki]
C:\Users\Bax2013\AppData\Local\Pokki\Engine\Launcher.dll,RunLaunchPlatform []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
D:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-06-16 833024]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-08-30 676608]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-27 7408312]
"Launcher6015B"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2011-04-28 2569728]
"DocuPrint 6015B RUN"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [2011-04-28 355840]
"StatusAutoRun6015B"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [2011-04-28 4476928]
"TkBellExe"=D:\Program Files\Update\realsched.exe [2014-07-21 295512]
"KiesTrayAgent"=D:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2015-04-28 311616]
"Alt-Tab Thingy"=D:\Program Files (x86)\Alt-Tab Thingy v4\attmain.exe [2009-06-05 140800]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20 595992]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Image Retriever.lnk - D:\Program Files (x86)\Nuance\PaperPort\xdcla.exe
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" ,C:\Windows\Jaksta\AC\x64\jaudcap.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-14 22:46:08 ----D---- C:\Users\Bax2013\AppData\Roaming\Lavasoft
2016-07-09 15:06:24 ----D---- C:\Program Files\Samsung
2016-07-09 10:28:49 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2016-07-09 09:13:53 ----D---- C:\Program Files (x86)\ESET
2016-07-09 00:13:28 ----HD---- C:\Users\Bax2013\AppData\Roaming\GoldenGate
2016-07-09 00:13:28 ----HD---- C:\Users\Bax2013\AppData\Roaming\Booking_helper
2016-07-06 22:46:55 ----D---- C:\Program Files (x86)\DVDVideoSoft
2016-07-06 22:29:18 ----D---- C:\Users\Bax2013\AppData\Roaming\DVDVideoSoft
2016-07-06 11:46:43 ----A---- C:\Windows\system32\drivers\iSafeKrnlBoot.sys
2016-07-04 11:40:23 ----N---- C:\Windows\KMSEmulator.exe
2016-07-03 14:26:57 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-07-03 14:26:57 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-07-03 14:26:57 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-03 14:26:57 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-07-03 14:26:57 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-07-03 14:26:57 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-07-03 14:26:57 ----A---- C:\Windows\system32\ucrtbase.dll
2016-07-03 14:26:57 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-07-03 14:26:57 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-03 14:26:57 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-07-03 14:26:57 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-07-03 14:26:57 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-07-03 14:26:56 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-07-03 14:18:43 ----A---- C:\Windows\system32\perfh01B.dat
2016-07-03 14:18:43 ----A---- C:\Windows\system32\perfc01B.dat
2016-07-03 14:18:42 ----A---- C:\Windows\system32\perfi005.dat
2016-07-03 14:18:41 ----A---- C:\Windows\system32\perfh005.dat
2016-07-03 14:18:41 ----A---- C:\Windows\system32\perfd005.dat
2016-07-03 14:18:41 ----A---- C:\Windows\system32\perfc005.dat
2016-07-03 00:30:29 ----D---- C:\Windows\EOONotify
2016-07-03 00:30:26 ----D---- C:\Windows\SYSWOW64\cs
2016-07-03 00:30:24 ----D---- C:\Windows\SYSWOW64\XPSViewer
2016-07-03 00:30:24 ----D---- C:\Windows\SYSWOW64\drivers\cs-CZ
2016-07-03 00:30:24 ----D---- C:\Windows\system32\cs
2016-07-03 00:30:24 ----D---- C:\Windows\cs-CZ
2016-07-03 00:30:21 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-07-02 23:49:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-07-02 23:49:25 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-02 23:49:25 ----A---- C:\Windows\system32\inseng.dll
2016-07-02 23:49:25 ----A---- C:\Windows\system32\iernonce.dll
2016-07-02 23:49:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-02 23:49:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-02 23:49:25 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-02 23:49:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-07-02 23:49:24 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-07-02 23:49:24 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-07-02 23:49:24 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-07-02 23:49:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-07-02 23:49:24 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-07-02 23:49:24 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-07-02 23:49:24 ----A---- C:\Windows\system32\urlmon.dll
2016-07-02 23:49:24 ----A---- C:\Windows\system32\occache.dll
2016-07-02 23:49:24 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-02 23:49:24 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-02 23:49:24 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-02 23:49:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-07-02 23:49:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-07-02 23:49:23 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-02 23:49:23 ----A---- C:\Windows\system32\iesetup.dll
2016-07-02 23:49:23 ----A---- C:\Windows\system32\iertutil.dll
2016-07-02 23:49:23 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-02 23:49:23 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-02 23:49:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-07-02 23:49:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-07-02 23:49:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-07-02 23:49:22 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-07-02 23:49:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-07-02 23:49:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-07-02 23:49:22 ----A---- C:\Windows\system32\vbscript.dll
2016-07-02 23:49:22 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-02 23:49:22 ----A---- C:\Windows\system32\ieui.dll
2016-07-02 23:49:22 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-02 23:49:21 ----A---- C:\Windows\system32\webcheck.dll
2016-07-02 23:49:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-02 23:49:21 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-02 23:49:21 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-02 23:49:21 ----A---- C:\Windows\system32\jscript9.dll
2016-07-02 23:49:21 ----A---- C:\Windows\system32\jscript.dll
2016-07-02 23:49:21 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-02 23:49:21 ----A---- C:\Windows\system32\ieframe.dll
2016-07-02 23:49:20 ----A---- C:\Windows\system32\wininet.dll
2016-07-02 23:49:20 ----A---- C:\Windows\system32\msrating.dll
2016-07-02 23:49:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-02 23:49:19 ----A---- C:\Windows\system32\mshtml.dll
2016-07-02 23:48:14 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-07-02 23:48:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-07-02 23:48:14 ----A---- C:\Windows\system32\ntdll.dll
2016-07-02 23:48:14 ----A---- C:\Windows\system32\lsasrv.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-02 23:48:13 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\user.exe
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-07-02 23:48:13 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\wow64win.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\wow64cpu.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\wow64.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\winsrv.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\wdigest.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\TSpkg.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\sspisrv.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\sspicli.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\srcore.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\srclient.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\smss.exe
2016-07-02 23:48:13 ----A---- C:\Windows\system32\schannel.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\secur32.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\rstrui.exe
2016-07-02 23:48:13 ----A---- C:\Windows\system32\rpchttp.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\rpcrt4.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\ntvdm64.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\ncrypt.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\msv1_0.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\msobjs.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\msaudite.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\lsass.exe
2016-07-02 23:48:13 ----A---- C:\Windows\system32\KernelBase.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\kernel32.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\kerberos.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-07-02 23:48:13 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-07-02 23:48:13 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-07-02 23:48:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-07-02 23:48:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-07-02 23:48:13 ----A---- C:\Windows\system32\drivers\appid.sys
2016-07-02 23:48:13 ----A---- C:\Windows\system32\csrsrv.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\cryptbase.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\credssp.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\conhost.exe
2016-07-02 23:48:13 ----A---- C:\Windows\system32\certcli.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\auditpol.exe
2016-07-02 23:48:13 ----A---- C:\Windows\system32\appidsvc.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-07-02 23:48:13 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-07-02 23:48:13 ----A---- C:\Windows\system32\appidapi.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\apisetschema.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\advapi32.dll
2016-07-02 23:48:13 ----A---- C:\Windows\system32\adtschema.dll
2016-07-02 23:48:01 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-07-02 23:48:00 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-07-02 23:48:00 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-07-02 23:48:00 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-07-02 23:48:00 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-07-02 23:48:00 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\system32\wmpmde.dll
2016-07-02 23:48:00 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\system32\quartz.dll
2016-07-02 23:48:00 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-07-02 23:48:00 ----A---- C:\Windows\system32\mf.dll
2016-07-02 23:48:00 ----A---- C:\Windows\system32\mcmde.dll
2016-07-02 23:48:00 ----A---- C:\Windows\system32\evr.dll
2016-07-02 23:48:00 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-07-02 23:47:59 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-07-02 23:47:59 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\system32\SysFxUI.dll
2016-07-02 23:47:59 ----A---- C:\Windows\system32\rrinstaller.exe
2016-07-02 23:47:59 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\system32\qdvd.dll
2016-07-02 23:47:59 ----A---- C:\Windows\system32\qasf.dll
2016-07-02 23:47:59 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-07-02 23:47:59 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-07-02 23:47:59 ----A---- C:\Windows\system32\mfvdsp.dll
2016-07-02 23:47:59 ----A---- C:\Windows\system32\mfps.dll
2016-07-02 23:47:59 ----A---- C:\Windows\system32\mfpmp.exe
2016-07-02 23:47:59 ----A---- C:\Windows\system32\mfplat.dll
2016-07-02 23:47:59 ----A---- C:\Windows\system32\mferror.dll
2016-07-02 23:47:59 ----A---- C:\Windows\system32\ksuser.dll
2016-07-02 23:47:59 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-07-02 23:47:59 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-07-02 23:47:59 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-07-02 23:47:59 ----A---- C:\Windows\system32\devenum.dll
2016-07-02 23:47:56 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-07-02 23:47:56 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-07-02 23:47:56 ----A---- C:\Windows\system32\EncDec.dll
2016-07-02 23:47:56 ----A---- C:\Windows\system32\CPFilters.dll
2016-07-02 23:47:55 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-07-02 23:47:55 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-07-02 23:47:55 ----A---- C:\Windows\system32\mtxoci.dll
2016-07-02 23:47:43 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-07-02 23:47:43 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-07-02 23:47:43 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-07-02 23:47:43 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-07-02 23:47:43 ----A---- C:\Windows\system32\nlsbres.dll
2016-07-02 23:47:43 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-07-02 23:47:43 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-07-02 23:47:43 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-07-02 23:47:38 ----A---- C:\Windows\system32\invagent.dll
2016-07-02 23:47:38 ----A---- C:\Windows\system32\generaltel.dll
2016-07-02 23:47:38 ----A---- C:\Windows\system32\devinv.dll
2016-07-02 23:47:38 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-02 23:47:38 ----A---- C:\Windows\system32\centel.dll
2016-07-02 23:47:38 ----A---- C:\Windows\system32\appraiser.dll
2016-07-02 23:47:38 ----A---- C:\Windows\system32\aepic.dll
2016-07-02 23:47:38 ----A---- C:\Windows\system32\aeinv.dll
2016-07-02 23:47:38 ----A---- C:\Windows\system32\acmigration.dll
2016-07-02 23:47:33 ----A---- C:\Windows\system32\wmp.dll
2016-07-02 23:47:32 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-07-02 23:47:32 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-07-02 23:47:32 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-07-02 23:47:32 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-07-02 23:47:32 ----A---- C:\Windows\system32\wmploc.DLL
2016-07-02 23:47:32 ----A---- C:\Windows\system32\spwmp.dll
2016-07-02 23:47:32 ----A---- C:\Windows\system32\dxmasf.dll
2016-07-02 23:47:28 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-07-02 23:47:28 ----A---- C:\Windows\system32\d3d10level9.dll
2016-07-02 23:47:27 ----A---- C:\Windows\system32\win32k.sys
2016-07-02 23:47:26 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-07-02 23:47:26 ----A---- C:\Windows\system32\user32.dll
2016-07-02 23:47:26 ----A---- C:\Windows\system32\jnwmon.dll
2016-07-02 23:47:26 ----A---- C:\Windows\system32\FntCache.dll
2016-07-02 23:47:26 ----A---- C:\Windows\system32\DWrite.dll
2016-07-02 23:47:25 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-07-02 23:47:24 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-07-02 23:47:24 ----A---- C:\Windows\system32\comsvcs.dll
2016-07-02 23:47:24 ----A---- C:\Windows\system32\catsrvut.dll
2016-07-02 23:47:23 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-07-02 23:47:23 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-07-02 23:47:23 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-07-02 23:47:23 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-07-02 23:47:23 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-07-02 23:47:23 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-07-02 23:47:23 ----A---- C:\Windows\system32\ws2_32.dll
2016-07-02 23:47:23 ----A---- C:\Windows\system32\winhttp.dll
2016-07-02 23:47:23 ----A---- C:\Windows\system32\netbtugc.exe
2016-07-02 23:47:23 ----A---- C:\Windows\system32\mswsock.dll
2016-07-02 23:47:23 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-07-02 23:47:22 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-07-02 23:47:22 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-07-02 23:47:22 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2016-07-02 23:47:22 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2016-07-02 23:47:22 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2016-07-02 23:47:22 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-07-02 23:47:22 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-07-02 23:47:22 ----A---- C:\Windows\system32\winipsec.dll
2016-07-02 23:47:22 ----A---- C:\Windows\system32\polstore.dll
2016-07-02 23:47:22 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-07-02 23:47:22 ----A---- C:\Windows\system32\gpsvc.dll
2016-07-02 23:47:22 ----A---- C:\Windows\system32\gpscript.exe
2016-07-02 23:47:22 ----A---- C:\Windows\system32\gpscript.dll
2016-07-02 23:47:22 ----A---- C:\Windows\system32\gpprefcl.dll
2016-07-02 23:47:22 ----A---- C:\Windows\system32\gpapi.dll
2016-07-02 23:47:22 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-07-02 23:47:21 ----A---- C:\Windows\system32\drivers\disk.sys
2016-07-02 23:47:20 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-07-02 23:47:20 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-07-02 23:47:20 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-07-02 23:47:20 ----A---- C:\Windows\system32\webio.dll
2016-07-02 23:47:20 ----A---- C:\Windows\system32\qedit.dll
2016-07-02 23:47:20 ----A---- C:\Windows\system32\InkEd.dll
2016-07-02 23:47:19 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-07-02 23:47:19 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-07-02 23:47:19 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-07-02 23:47:19 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-07-02 23:47:19 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-07-02 23:47:19 ----A---- C:\Windows\system32\lpk.dll
2016-07-02 23:47:19 ----A---- C:\Windows\system32\fontsub.dll
2016-07-02 23:47:19 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-07-02 23:47:19 ----A---- C:\Windows\system32\dciman32.dll
2016-07-02 23:47:19 ----A---- C:\Windows\system32\atmlib.dll
2016-07-02 23:47:19 ----A---- C:\Windows\system32\atmfd.dll
2016-07-02 23:47:18 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-07-02 23:47:18 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-07-02 23:47:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-07-02 23:47:18 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-07-02 23:47:18 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-07-02 23:47:18 ----A---- C:\Windows\system32\seclogon.dll
2016-07-02 23:47:18 ----A---- C:\Windows\system32\oleaut32.dll
2016-07-02 23:47:18 ----A---- C:\Windows\system32\gdi32.dll
2016-07-02 23:47:18 ----A---- C:\Windows\system32\asycfilt.dll
2016-07-02 23:47:17 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-07-02 23:47:17 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-07-02 23:47:17 ----A---- C:\Windows\system32\cdd.dll
2016-07-02 23:47:16 ----A---- C:\Windows\system32\shell32.dll
2016-07-02 23:47:15 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-07-02 23:47:15 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-07-02 23:47:15 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-07-02 23:47:15 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-07-02 23:47:15 ----A---- C:\Windows\explorer.exe
2016-07-02 23:47:13 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-07-02 23:47:13 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-07-02 23:47:13 ----A---- C:\Windows\system32\wshrm.dll
2016-07-02 23:47:13 ----A---- C:\Windows\system32\mfds.dll
2016-07-02 23:47:13 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-07-02 23:47:12 ----A---- C:\Windows\SYSWOW64\els.dll
2016-07-02 23:47:12 ----A---- C:\Windows\system32\rdpudd.dll
2016-07-02 23:47:12 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-07-02 23:47:12 ----A---- C:\Windows\system32\rdpcorets.dll
2016-07-02 23:47:12 ----A---- C:\Windows\system32\els.dll
2016-07-02 23:47:12 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-07-02 23:47:11 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-07-02 23:47:11 ----A---- C:\Windows\system32\usp10.dll
2016-07-02 23:45:19 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-07-02 23:45:19 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-07-02 23:45:19 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-07-02 23:45:19 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-07-02 23:45:19 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-07-02 23:45:19 ----A---- C:\Windows\system32\msimsg.dll
2016-07-02 23:45:19 ----A---- C:\Windows\system32\msihnd.dll
2016-07-02 23:45:19 ----A---- C:\Windows\system32\msiexec.exe
2016-07-02 23:45:19 ----A---- C:\Windows\system32\msi.dll
2016-07-02 23:45:19 ----A---- C:\Windows\system32\consent.exe
2016-07-02 23:45:19 ----A---- C:\Windows\system32\authui.dll
2016-07-02 23:45:19 ----A---- C:\Windows\system32\appinfo.dll
2016-07-02 23:40:54 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-07-02 23:40:54 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-07-01 10:26:13 ----A---- C:\Windows\system32\sdnclean64.exe
2016-07-01 10:26:12 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-07-01 10:26:09 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-07-01 10:19:44 ----D---- C:\Program Files\Unlocker
2016-06-30 10:34:45 ----D---- C:\Program Files\trend micro
2016-06-30 10:34:44 ----D---- C:\rsit
2016-06-30 09:35:36 ----A---- C:\autoexec.bat
2016-06-30 09:35:11 ----D---- C:\Users\Bax2013\AppData\Roaming\Enigma Software Group
2016-06-30 09:31:20 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2016-06-30 09:02:57 ----D---- C:\Windows\SYSWOW64\vbox
2016-06-30 09:02:57 ----D---- C:\Windows\system32\vbox
2016-06-29 13:57:18 ----D---- C:\Users\Bax2013\AppData\Roaming\Firefox
2016-06-29 13:57:09 ----D---- C:\Program Files (x86)\Firefox
2016-06-28 11:46:32 ----D---- C:\ProgramData\bwinpb
2016-06-28 11:46:17 ----D---- C:\Program Files (x86)\5k9vimax
2016-06-27 14:35:15 ----D---- C:\Program Files (x86)\SFK
2016-06-27 14:34:37 ----D---- C:\Windows\SYSWOW64\_TSpm
2016-06-27 12:14:18 ----D---- C:\Program Files (x86)\app_00000002
2016-06-27 12:14:06 ----D---- C:\ProgramData\awinpa
2016-06-27 12:13:54 ----D---- C:\Program Files (x86)\2mavm9y0
2016-06-21 16:31:25 ----D---- C:\Program Files (x86)\app_00000001
2016-06-21 06:31:54 ----D---- C:\Users\Bax2013\AppData\Roaming\qksee
2016-06-21 06:31:45 ----D---- C:\Program Files (x86)\TData
2016-06-21 06:31:34 ----D---- C:\Program Files (x86)\ab7a7a3o
2016-06-19 19:54:23 ----D---- C:\ProgramData\Sony
2016-06-19 19:53:02 ----D---- C:\Users\Bax2013\AppData\Roaming\Sony
2016-06-19 19:52:57 ----D---- C:\Program Files (x86)\Sony
2016-06-19 19:52:41 ----D---- C:\Program Files\Sony
======List of files/folders modified in the last 1 month======
2016-07-14 22:45:16 ----D---- C:\Windows\SysWOW64
2016-07-14 08:49:15 ----D---- C:\Users\Bax2013\AppData\Roaming\IDM
2016-07-13 23:13:37 ----D---- C:\Windows\system32\config
2016-07-13 23:05:36 ----D---- C:\Windows\System32
2016-07-13 23:05:36 ----D---- C:\Windows\inf
2016-07-13 23:05:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-13 22:58:13 ----D---- C:\Windows\system32\Tasks
2016-07-13 22:56:48 ----D---- C:\Users\Bax2013\AppData\Roaming\DMCache
2016-07-13 22:54:30 ----D---- C:\Windows
2016-07-13 22:49:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-13 22:49:33 ----D---- C:\Windows\system32\Macromed
2016-07-13 22:49:32 ----D---- C:\Windows\SYSWOW64\Macromed
2016-07-13 07:45:29 ----D---- C:\Windows\system32\drivers\etc
2016-07-11 23:34:55 ----D---- C:\Users\Bax2013\AppData\Roaming\Dropbox
2016-07-09 15:34:32 ----D---- C:\Users\Bax2013\AppData\Roaming\vlc
2016-07-09 15:06:30 ----SHD---- C:\Windows\Installer
2016-07-09 15:06:26 ----D---- C:\Windows\winsxs
2016-07-09 15:06:24 ----RD---- C:\Program Files
2016-07-09 14:42:43 ----RD---- C:\Program Files (x86)
2016-07-09 14:42:35 ----D---- C:\Windows\Tasks
2016-07-09 10:28:49 ----D---- C:\Windows\system32\drivers
2016-07-09 10:00:02 ----D---- C:\ProgramData\Legpat
2016-07-09 09:59:17 ----D---- C:\Program Files (x86)\yesforsearchesbnd
2016-07-09 09:58:41 ----D---- C:\Program Files (x86)\1E0089A0-1452897906-6400-1956-AC220BCDE10C
2016-07-09 09:13:54 ----D---- C:\Windows\Downloaded Program Files
2016-07-07 23:15:44 ----D---- C:\Users\Bax2013\AppData\Roaming\avidemux
2016-07-07 22:44:24 ----HD---- C:\ProgramData
2016-07-07 10:30:08 ----SHD---- C:\System Volume Information
2016-07-06 22:46:55 ----D---- C:\Program Files (x86)\Common Files
2016-07-05 01:23:04 ----D---- C:\Windows\system32\LogFiles
2016-07-05 00:07:41 ----D---- C:\Program Files (x86)\PDF Architect 2
2016-07-04 23:47:06 ----D---- C:\Users\Bax2013\AppData\Roaming\Media Player Classic
2016-07-04 13:25:18 ----D---- C:\Windows\rescache
2016-07-04 13:07:09 ----D---- C:\Windows\Microsoft.NET
2016-07-04 13:04:48 ----RSD---- C:\Windows\assembly
2016-07-04 11:41:30 ----A---- C:\Windows\AutoKMS.ini
2016-07-03 23:47:46 ----D---- C:\Windows\Logs
2016-07-03 23:36:39 ----D---- C:\Windows\system32\catroot2
2016-07-03 14:31:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-07-03 14:31:22 ----D---- C:\Windows\system32\cs-CZ
2016-07-03 14:17:47 ----D---- C:\Program Files\Microsoft Silverlight
2016-07-03 14:17:47 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-07-03 00:30:29 ----SD---- C:\Windows\system32\CompatTel
2016-07-03 00:30:29 ----D---- C:\Windows\system32\wbem
2016-07-03 00:30:29 ----D---- C:\Windows\system32\appraiser
2016-07-03 00:30:29 ----D---- C:\Windows\ehome
2016-07-03 00:30:29 ----D---- C:\Windows\AppPatch
2016-07-03 00:30:27 ----D---- C:\Program Files\Windows Sidebar
2016-07-03 00:30:27 ----D---- C:\Program Files\Windows Photo Viewer
2016-07-03 00:30:27 ----D---- C:\Program Files\Windows Media Player
2016-07-03 00:30:27 ----D---- C:\Program Files\Windows Mail
2016-07-03 00:30:27 ----D---- C:\Program Files\Windows Journal
2016-07-03 00:30:27 ----D---- C:\Program Files\DVD Maker
2016-07-03 00:30:27 ----D---- C:\Program Files\Common Files\System
2016-07-03 00:30:27 ----D---- C:\Program Files (x86)\Windows Sidebar
2016-07-03 00:30:27 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-07-03 00:30:27 ----D---- C:\Program Files (x86)\Windows Media Player
2016-07-03 00:30:27 ----D---- C:\Program Files (x86)\Windows Mail
2016-07-03 00:30:27 ----D---- C:\Program Files (x86)\Windows Defender
2016-07-03 00:30:26 ----D---- C:\Windows\SYSWOW64\winrm
2016-07-03 00:30:26 ----D---- C:\Windows\SYSWOW64\slmgr
2016-07-03 00:30:26 ----D---- C:\Windows\SYSWOW64\migwiz
2016-07-03 00:30:26 ----D---- C:\Windows\SYSWOW64\migration
2016-07-03 00:30:26 ----D---- C:\Windows\servicing
2016-07-03 00:30:26 ----D---- C:\Program Files\Windows Defender
2016-07-03 00:30:24 ----D---- C:\Windows\SYSWOW64\WCN
2016-07-03 00:30:24 ----D---- C:\Windows\SYSWOW64\wbem
2016-07-03 00:30:24 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2016-07-03 00:30:24 ----D---- C:\Windows\SYSWOW64\MUI
2016-07-03 00:30:24 ----D---- C:\Windows\SYSWOW64\DriverStore
2016-07-03 00:30:24 ----D---- C:\Windows\SYSWOW64\drivers
2016-07-03 00:30:24 ----D---- C:\Windows\SYSWOW64\Dism
2016-07-03 00:30:24 ----D---- C:\Windows\SYSWOW64\com
2016-07-03 00:30:24 ----D---- C:\Windows\system32\winrm
2016-07-03 00:30:24 ----D---- C:\Windows\system32\sysprep
2016-07-03 00:30:24 ----D---- C:\Windows\system32\slmgr
2016-07-03 00:30:24 ----D---- C:\Windows\system32\oobe
2016-07-03 00:30:24 ----D---- C:\Windows\system32\migwiz
2016-07-03 00:30:24 ----D---- C:\Windows\system32\migration
2016-07-03 00:30:24 ----D---- C:\Windows\system32\Boot
2016-07-03 00:30:24 ----D---- C:\Windows\PolicyDefinitions
2016-07-03 00:30:24 ----D---- C:\Windows\IME
2016-07-03 00:30:21 ----D---- C:\Windows\system32\WCN
2016-07-03 00:30:21 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2016-07-03 00:30:21 ----D---- C:\Windows\system32\MUI
2016-07-03 00:30:21 ----D---- C:\Windows\system32\DriverStore
2016-07-03 00:30:21 ----D---- C:\Windows\system32\drivers\UMDF
2016-07-03 00:30:21 ----D---- C:\Windows\system32\Dism
2016-07-03 00:30:21 ----D---- C:\Windows\system32\com
2016-07-03 00:30:19 ----RSD---- C:\Windows\Fonts
2016-07-03 00:30:19 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-07-03 00:30:19 ----D---- C:\Windows\system32\sk-SK
2016-07-03 00:30:18 ----D---- C:\Windows\SYSWOW64\en-US
2016-07-03 00:30:18 ----D---- C:\Windows\system32\en-US
2016-07-03 00:30:18 ----D---- C:\Windows\sk-SK
2016-07-03 00:30:17 ----D---- C:\Program Files\Internet Explorer
2016-07-03 00:30:17 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-03 00:27:24 ----D---- C:\ProgramData\Microsoft Help
2016-07-03 00:27:13 ----D---- C:\Windows\Temp
2016-07-03 00:27:13 ----D---- C:\Windows\system32\MRT
2016-07-03 00:21:28 ----D---- C:\Windows\debug
2016-07-03 00:21:24 ----A---- C:\Windows\system32\MRT.exe
2016-07-02 23:56:33 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-07-02 00:47:28 ----D---- C:\Users\Bax2013\AppData\Roaming\MPC-HC
2016-07-01 12:04:45 ----D---- C:\Program Files\Common Files\AV
2016-07-01 10:29:47 ----D---- C:\Windows\system32\wdi
2016-07-01 10:26:15 ----SD---- C:\ProgramData\Microsoft
2016-07-01 08:59:25 ----SD---- C:\Users\Bax2013\AppData\Roaming\Microsoft
2016-06-27 16:53:31 ----D---- C:\Users\Bax2013\AppData\Roaming\Swiftdata
2016-06-27 12:14:18 ----D---- C:\ProgramData\uckt
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu CPU 100%
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu CPU 100%
pokračovanie
-
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 asahci64;asahci64; C:\Windows\system32\DRIVERS\asahci64.sys [2012-01-06 49760]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-05-30 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-05-30 287528]
R0 EUBAKUP;EUBAKUP; C:\Windows\system32\drivers\eubakup.sys [2013-09-04 61000]
R0 EUBKMON;EUBKMON; C:\Windows\system32\drivers\EUBKMON.sys [2013-09-04 48200]
R0 mv91cons;Marvell 91xx Config Device Driver; C:\Windows\system32\DRIVERS\mv91cons.sys [2011-03-14 24880]
R0 mvs91xx;mvs91xx; C:\Windows\system32\DRIVERS\mvs91xx.sys [2011-03-14 313136]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2016-05-30 161760]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2013-01-15 14464]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-05-30 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-05-30 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-05-30 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-05-30 465792]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 EUDSKACS;EUDSKACS; \??\C:\Windows\system32\drivers\eudskacs.sys [2013-09-04 18504]
R1 EUFDDISK;EUFDDISK; \??\C:\Windows\system32\drivers\EuFdDisk.sys [2013-09-04 189000]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2016-05-23 262344]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2016-05-23 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2016-05-23 52440]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2016-05-23 103904]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2016-05-19 52392]
R1 SPVDPort;SoftPerfect Virtual Disk; C:\Windows\system32\DRIVERS\spvdbus.sys [2014-02-03 92152]
R1 SPVVEngine;SoftPerfect RAM Disk; \??\C:\Windows\system32\Drivers\spvve.sys [2014-02-03 339960]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2015-11-21 230352]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-05-30 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-05-30 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-05-30 166432]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2015-06-12 197616]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 sensorsview64;sensorsview64; \??\C:\Windows\SysWow64\sensorsview32_64.sys [2008-07-26 14544]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-05-30 323392]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-08-30 11833856]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-08-30 608768]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2013-06-24 140032]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2013-06-24 420608]
R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-04-24 96768]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2013-02-21 495888]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2013-08-09 26136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-06-04 3441992]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-05-13 64624]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2013-12-16 14112]
R3 VUSB3HUB;VIA USB 3 Root Hub Service; C:\Windows\system32\DRIVERS\ViaHub3.sys [2013-01-03 231112]
S1 GsRamDsk;%DiskServiceDesc%; C:\Windows\system32\DRIVERS\GsRamDsk.sys [2014-07-26 57424]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-06-30 22704]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2013-12-30 37344]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys [2016-05-23 55056]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2013-03-05 1528976]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-06-16 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-24 81088]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-08-30 241152]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2013-05-14 920736]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2013-05-14 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe [2012-11-07 399744]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-30 243296]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2015-12-24 388968]
R2 DTSAudioSvc;DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-10-02 240584]
R2 EaseUS Agent;EaseUS Agent Service; D:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2013-12-02 36936]
R2 Guard Agent;Guard Agent Service; D:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2013-09-04 23624]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2013-01-03 183200]
R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2016-05-23 118048]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-13 169432]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 Samsung Link Service;Samsung Link Service; D:\Program Files\Samsung Link\Samsung Link.exe [2016-03-09 623848]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2013-12-18 2103096]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-05-30 5570272]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 cktSvc;cktSvc; C:\Program Files (x86)\Uncheckit\cktSvc.exe {92E162D7-70FD-48F7-A779-91154F8FD518} []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-17 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-05-20 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-03-05 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2014-10-10 1771560]
S4 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
-----------------EOF-----------------
-
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 asahci64;asahci64; C:\Windows\system32\DRIVERS\asahci64.sys [2012-01-06 49760]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-05-30 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-05-30 287528]
R0 EUBAKUP;EUBAKUP; C:\Windows\system32\drivers\eubakup.sys [2013-09-04 61000]
R0 EUBKMON;EUBKMON; C:\Windows\system32\drivers\EUBKMON.sys [2013-09-04 48200]
R0 mv91cons;Marvell 91xx Config Device Driver; C:\Windows\system32\DRIVERS\mv91cons.sys [2011-03-14 24880]
R0 mvs91xx;mvs91xx; C:\Windows\system32\DRIVERS\mvs91xx.sys [2011-03-14 313136]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2016-05-30 161760]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2013-01-15 14464]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-05-30 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-05-30 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-05-30 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-05-30 465792]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 EUDSKACS;EUDSKACS; \??\C:\Windows\system32\drivers\eudskacs.sys [2013-09-04 18504]
R1 EUFDDISK;EUFDDISK; \??\C:\Windows\system32\drivers\EuFdDisk.sys [2013-09-04 189000]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2016-05-23 262344]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2016-05-23 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2016-05-23 52440]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2016-05-23 103904]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2016-05-19 52392]
R1 SPVDPort;SoftPerfect Virtual Disk; C:\Windows\system32\DRIVERS\spvdbus.sys [2014-02-03 92152]
R1 SPVVEngine;SoftPerfect RAM Disk; \??\C:\Windows\system32\Drivers\spvve.sys [2014-02-03 339960]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2015-11-21 230352]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-05-30 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-05-30 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-05-30 166432]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2015-06-12 197616]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 sensorsview64;sensorsview64; \??\C:\Windows\SysWow64\sensorsview32_64.sys [2008-07-26 14544]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-05-30 323392]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-08-30 11833856]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-08-30 608768]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2013-06-24 140032]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2013-06-24 420608]
R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-04-24 96768]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2013-02-21 495888]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2013-08-09 26136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-06-04 3441992]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-05-13 64624]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2013-12-16 14112]
R3 VUSB3HUB;VIA USB 3 Root Hub Service; C:\Windows\system32\DRIVERS\ViaHub3.sys [2013-01-03 231112]
S1 GsRamDsk;%DiskServiceDesc%; C:\Windows\system32\DRIVERS\GsRamDsk.sys [2014-07-26 57424]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-06-30 22704]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2013-12-30 37344]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys [2016-05-23 55056]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2013-03-05 1528976]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-06-16 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-24 81088]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-08-30 241152]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2013-05-14 920736]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2013-05-14 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe [2012-11-07 399744]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-30 243296]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2015-12-24 388968]
R2 DTSAudioSvc;DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-10-02 240584]
R2 EaseUS Agent;EaseUS Agent Service; D:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2013-12-02 36936]
R2 Guard Agent;Guard Agent Service; D:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2013-09-04 23624]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2013-01-03 183200]
R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2016-05-23 118048]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-13 169432]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 Samsung Link Service;Samsung Link Service; D:\Program Files\Samsung Link\Samsung Link.exe [2016-03-09 623848]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2013-12-18 2103096]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-05-30 5570272]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 cktSvc;cktSvc; C:\Program Files (x86)\Uncheckit\cktSvc.exe {92E162D7-70FD-48F7-A779-91154F8FD518} []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-17 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-05-20 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-03-05 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2014-10-10 1771560]
S4 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
-----------------EOF-----------------
Re: Prosím o kontrolu CPU 100%
Zdravim 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu CPU 100%
OTL logfile created on: 28. 7. 2016 22:52:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\Bax2013\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18349)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
15,94 Gb Total Physical Memory | 6,67 Gb Available Physical Memory | 41,84% Memory free
15,96 Gb Paging File | 5,47 Gb Available in Paging File | 34,25% Paging File free
Paging file location(s): e:\pagefile.sys 16 500 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 49,85 Gb Free Space | 44,59% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 1,01 Gb Free Space | 5,16% Space Free | Partition Type: NTFS
Drive E: | 147,24 Gb Total Space | 2,61 Gb Free Space | 1,77% Space Free | Partition Type: NTFS
Drive F: | 19,53 Gb Total Space | 3,83 Gb Free Space | 19,61% Space Free | Partition Type: NTFS
Drive N: | 37,28 Gb Total Space | 1,63 Gb Free Space | 4,36% Space Free | Partition Type: NTFS
Drive O: | 37,25 Gb Total Space | 0,54 Gb Free Space | 1,45% Space Free | Partition Type: NTFS
Drive P: | 3725,90 Gb Total Space | 1387,84 Gb Free Space | 37,25% Space Free | Partition Type: NTFS
Drive R: | 2,25 Gb Total Space | 2,18 Gb Free Space | 96,97% Space Free | Partition Type: NTFS
Computer Name: BAX2013-PC | User Name: Bax2013 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016/07/28 22:44:21 | 000,288,920 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
PRC - [2016/07/25 11:15:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\Bax2013\Desktop\OTL.exe
PRC - [2016/07/13 22:49:36 | 003,446,976 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
PRC - [2016/07/05 20:00:44 | 024,204,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2016/06/27 12:13:52 | 007,408,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2016/06/24 04:20:32 | 000,392,136 | ---- | M] (Mozilla Corporation) -- F:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/06/01 14:38:50 | 000,953,016 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2016/05/30 23:13:34 | 000,243,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/05/23 04:42:35 | 000,369,488 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
PRC - [2016/05/23 04:37:15 | 000,118,048 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
PRC - [2016/05/23 04:37:15 | 000,118,048 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
PRC - [2016/03/28 23:06:42 | 000,327,680 | ---- | M] () -- D:\Program Files\Serviio\bin\ServiioService.exe
PRC - [2016/01/08 14:08:40 | 001,021,736 | ---- | M] (Samsung) -- D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2016/01/08 14:08:34 | 000,318,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- D:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2016/01/08 14:08:32 | 001,572,648 | ---- | M] (Samsung) -- D:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2016/01/08 10:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) -- D:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
PRC - [2015/12/24 16:13:02 | 000,388,968 | ---- | M] (Digital Wave Ltd.) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
PRC - [2015/11/10 22:09:40 | 003,911,248 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2015/09/24 09:40:30 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/06/24 19:46:44 | 000,257,816 | ---- | M] (Maxthon International ltd.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
PRC - [2015/02/04 14:05:36 | 000,269,848 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2014/06/27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/06/24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/12/21 11:29:14 | 000,755,080 | ---- | M] (Samsung) -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
PRC - [2013/12/02 12:48:44 | 000,036,936 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- D:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
PRC - [2013/09/04 12:46:52 | 000,023,624 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- D:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
PRC - [2013/05/14 13:42:58 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2013/05/14 13:42:58 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2013/05/13 16:16:10 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2013/01/10 19:09:26 | 000,848,384 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
PRC - [2012/11/07 16:11:14 | 000,399,744 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe
PRC - [2012/08/14 18:05:54 | 001,190,400 | ---- | M] (ASUSTeK Computer Inc.) -- D:\Program Files (x86)\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
PRC - [2012/08/07 14:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- D:\Program Files (x86)\AI Suite II\AI Suite II.exe
PRC - [2012/05/03 13:17:36 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- D:\Program Files (x86)\AI Suite II\EPU\EPUHelp.exe
PRC - [2012/03/13 13:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- D:\Program Files (x86)\AI Suite II\AsRoutineController.exe
PRC - [2012/02/17 08:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2011/09/08 22:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- D:\Program Files (x86)\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2011/07/12 17:14:26 | 000,331,776 | ---- | M] (VIA Technologies, Inc.) -- C:\VIA_XHCI\usb3Monitor.exe
PRC - [2011/04/28 17:26:00 | 002,569,728 | ---- | M] (Xerox) -- C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
PRC - [2009/06/05 15:30:12 | 000,140,800 | ---- | M] (Nymithium Technologies™) -- D:\Program Files (x86)\Alt-Tab Thingy v4\attmain.exe
========== Modules (No Company Name) ==========
MOD - [2016/07/13 22:49:35 | 019,483,328 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
MOD - [2016/07/05 20:00:26 | 000,024,904 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
MOD - [2016/07/05 20:00:26 | 000,021,840 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
MOD - [2016/07/05 20:00:26 | 000,021,832 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
MOD - [2016/07/05 20:00:24 | 000,023,376 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
MOD - [2016/07/05 20:00:24 | 000,022,352 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
MOD - [2016/07/05 20:00:22 | 000,023,872 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
MOD - [2016/07/05 20:00:22 | 000,020,800 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
MOD - [2016/07/05 20:00:22 | 000,020,800 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
MOD - [2016/07/05 20:00:22 | 000,019,776 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
MOD - [2016/07/05 20:00:20 | 000,381,752 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
MOD - [2016/07/05 20:00:18 | 000,019,760 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
MOD - [2016/07/05 20:00:14 | 003,928,880 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
MOD - [2016/07/05 20:00:14 | 000,223,544 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
MOD - [2016/07/05 20:00:14 | 000,132,912 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
MOD - [2016/07/05 20:00:12 | 000,546,096 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
MOD - [2016/07/05 20:00:12 | 000,357,680 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
MOD - [2016/07/05 20:00:12 | 000,207,672 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
MOD - [2016/07/05 20:00:10 | 001,971,504 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
MOD - [2016/07/05 20:00:10 | 001,826,096 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
MOD - [2016/07/05 20:00:10 | 000,531,248 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
MOD - [2016/07/05 20:00:08 | 000,052,024 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
MOD - [2016/07/05 20:00:08 | 000,024,392 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
MOD - [2016/07/05 20:00:06 | 000,084,280 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
MOD - [2016/07/05 20:00:06 | 000,038,696 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\fastpath.pyd
MOD - [2016/07/05 20:00:04 | 000,026,456 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
MOD - [2016/07/05 19:59:56 | 001,682,760 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
MOD - [2016/07/05 19:59:56 | 000,020,816 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
MOD - [2016/07/05 19:59:56 | 000,020,808 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
MOD - [2016/07/05 19:59:54 | 000,246,592 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
MOD - [2016/07/05 19:59:54 | 000,020,280 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
MOD - [2016/07/02 23:57:46 | 019,094,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\da36abbea6ef456f432434d4d8d835c1\PresentationFramework.ni.dll
MOD - [2016/07/02 23:57:38 | 011,567,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\416ba33cb980d07643e82c4c45bd5786\PresentationCore.ni.dll
MOD - [2016/07/02 23:57:33 | 012,944,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\5aac750b35b27770dccb1a43f83cced7\System.Windows.Forms.ni.dll
MOD - [2016/07/02 23:57:32 | 003,968,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\32512bd09e2231f6eebb15fc17e3ad79\WindowsBase.ni.dll
MOD - [2016/07/02 23:57:30 | 000,974,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\46957030830964165644b52b0696c5d9\System.Configuration.ni.dll
MOD - [2016/07/02 23:57:29 | 007,516,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\55560c2014611e9119f99923c9ebdeef\System.Core.ni.dll
MOD - [2016/07/02 23:57:29 | 007,378,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d86b080a37c60a872c82b912a2a63dac\System.Xml.ni.dll
MOD - [2016/07/02 23:57:28 | 001,879,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\6d09f865a22e2f903b74476769e1b76a\System.Xaml.ni.dll
MOD - [2016/07/02 23:57:28 | 000,791,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\647f9e8a4465888d8348c3f66611c463\System.Runtime.Remoting.ni.dll
MOD - [2016/07/02 23:57:27 | 001,623,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\646b4b01cb29986f8e076aa65c9e9753\System.Drawing.ni.dll
MOD - [2016/07/02 23:57:26 | 000,218,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\86909e4c4c7deb51e42b8f335c7aaa77\System.ServiceProcess.ni.dll
MOD - [2016/07/02 23:57:24 | 009,981,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\52cca48930e580e3189eac47158c20be\System.ni.dll
MOD - [2016/07/02 23:57:20 | 018,120,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\225759bb87c854c0fff27b1d84858c21\mscorlib.ni.dll
MOD - [2016/06/07 04:04:36 | 000,697,304 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
MOD - [2016/06/07 04:02:50 | 001,631,184 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\libGLESv2.dll
MOD - [2016/06/07 04:02:50 | 000,017,864 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\libEGL.dll
MOD - [2016/06/07 04:01:16 | 000,036,296 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\librsync.dll
MOD - [2016/06/07 04:00:48 | 000,350,152 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winxpgui.pyd
MOD - [2016/06/07 04:00:48 | 000,048,592 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32service.pyd
MOD - [2016/06/07 04:00:48 | 000,028,616 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32ts.pyd
MOD - [2016/06/07 04:00:46 | 000,114,640 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32security.pyd
MOD - [2016/06/07 04:00:46 | 000,060,880 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32print.pyd
MOD - [2016/06/07 04:00:46 | 000,043,472 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32process.pyd
MOD - [2016/06/07 04:00:46 | 000,030,160 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32pipe.pyd
MOD - [2016/06/07 04:00:46 | 000,024,016 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32profile.pyd
MOD - [2016/06/07 04:00:44 | 000,175,560 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32gui.pyd
MOD - [2016/06/07 04:00:44 | 000,124,880 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32file.pyd
MOD - [2016/06/07 04:00:44 | 000,057,808 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
MOD - [2016/06/07 04:00:44 | 000,024,528 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32event.pyd
MOD - [2016/06/07 04:00:44 | 000,024,016 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
MOD - [2016/06/07 04:00:42 | 000,105,928 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32api.pyd
MOD - [2016/06/07 04:00:42 | 000,020,936 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\mmapfile.pyd
MOD - [2016/06/07 03:59:30 | 000,123,856 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
MOD - [2016/06/07 03:59:28 | 000,240,584 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\jpegtran.pyd
MOD - [2016/06/07 03:59:28 | 000,083,912 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\sip.pyd
MOD - [2016/06/07 03:59:26 | 000,019,408 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\faulthandler.pyd
MOD - [2016/06/07 03:58:46 | 000,034,768 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
MOD - [2016/06/07 03:58:44 | 000,692,688 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\unicodedata.pyd
MOD - [2016/06/07 03:58:44 | 000,134,608 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_elementtree.pyd
MOD - [2016/06/07 03:58:44 | 000,093,640 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_ctypes.pyd
MOD - [2016/06/07 03:58:44 | 000,018,376 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\select.pyd
MOD - [2016/06/07 03:58:42 | 000,134,088 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\pyexpat.pyd
MOD - [2016/06/07 03:58:42 | 000,116,688 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\pywintypes27.dll
MOD - [2016/06/07 03:58:40 | 000,392,144 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\pythoncom27.dll
MOD - [2016/06/01 14:39:06 | 000,439,480 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2016/06/01 14:39:06 | 000,321,208 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2016/05/30 23:13:35 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016/05/30 23:13:34 | 000,479,680 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/05/30 23:13:34 | 000,135,816 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/05/30 23:13:34 | 000,123,344 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2016/05/23 04:37:19 | 000,065,696 | ---- | M] () -- C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
MOD - [2016/05/23 04:37:15 | 000,179,200 | ---- | M] () -- C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
MOD - [2014/09/11 05:19:54 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Maxthon\Core\Webkit\pdf.dll
MOD - [2014/09/11 05:19:54 | 002,128,152 | ---- | M] () -- C:\Program Files (x86)\Maxthon\Core\Webkit\ffmpegsumo.dll
MOD - [2014/09/11 05:19:54 | 000,887,064 | ---- | M] () -- C:\Program Files (x86)\Maxthon\Core\Webkit\libGLESv2.dll
MOD - [2014/09/11 05:19:54 | 000,109,336 | ---- | M] () -- C:\Program Files (x86)\Maxthon\Core\Webkit\libEGL.dll
MOD - [2014/09/11 05:19:44 | 000,258,944 | ---- | M] () -- C:\Program Files (x86)\Maxthon\Bin\Maxzlib.dll
MOD - [2014/09/11 05:19:40 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
MOD - [2013/05/08 16:22:48 | 001,040,896 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\EasyUpdate\EasyUpdt.dll
MOD - [2013/04/15 15:19:46 | 000,883,712 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\Sensor\Sensor.dll
MOD - [2013/01/10 19:16:00 | 000,193,024 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
MOD - [2013/01/10 19:09:26 | 000,848,384 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
MOD - [2013/01/10 18:32:54 | 001,411,072 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
MOD - [2012/10/08 18:07:46 | 000,972,288 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\BarGadget\BarGadget.dll
MOD - [2012/08/29 19:09:00 | 000,875,520 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\TabGadget\TabGadget.dll
MOD - [2012/07/20 10:39:40 | 001,047,040 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\Probe_II\ProbeII.dll
MOD - [2012/06/19 13:56:22 | 001,305,600 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\MyLogo\MyLogo.dll
MOD - [2012/05/28 22:27:04 | 001,622,528 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2011/09/19 21:18:20 | 001,243,136 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\Settings\Settings.dll
MOD - [2011/07/21 10:06:44 | 000,846,848 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 20:14:52 | 000,147,456 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\AssistFunc.dll
MOD - [2010/10/05 09:22:50 | 000,253,952 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\pngio.dll
MOD - [2010/10/05 09:22:50 | 000,208,896 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\ImageHelper.dll
MOD - [2010/08/23 04:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2009/08/12 21:15:52 | 000,253,952 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\Sensor\AlertHelper\pngio.dll
MOD - [2005/09/15 19:48:42 | 000,176,128 | ---- | M] () -- D:\Program Files (x86)\Alt-Tab Thingy v4\atthooks.dll
========== Services (SafeList) ==========
SRV:64bit: - [2016/05/30 23:13:34 | 000,243,296 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2016/05/30 23:13:31 | 005,570,272 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2016/05/20 23:54:46 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2016/03/09 17:20:54 | 000,623,848 | ---- | M] (Samsung Electronics Co.,Ltd) [On_Demand | Running] -- C:\Program Files\Samsung\Samsung Link\Samsung Link.exe -- (Samsung Link Service)
SRV:64bit: - [2015/07/23 02:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/12/21 11:31:20 | 000,404,360 | ---- | M] (Samsung) [Auto | Running] -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe -- (AllShare Framework DMS)
SRV:64bit: - [2013/08/30 07:13:54 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/01/03 15:38:52 | 000,183,200 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:64bit: - [2012/12/10 15:31:44 | 000,803,872 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:64bit: - [2012/12/10 15:31:28 | 000,732,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2012/10/02 08:41:44 | 000,240,584 | ---- | M] (DTS, Inc) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe -- (DTSAudioSvc)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/07/15 22:07:43 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/23 04:37:15 | 000,118,048 | ---- | M] (Elex do Brasil Participações Ltda) [Auto | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe -- (iSafeService)
SRV - [2016/03/28 23:06:42 | 000,327,680 | ---- | M] () [Auto | Running] -- D:\Program Files\Serviio\bin\ServiioService.exe -- (Serviio)
SRV - [2016/01/08 10:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) [Auto | Running] -- D:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe -- (ss_conn_service)
SRV - [2015/12/24 16:13:02 | 000,388,968 | ---- | M] (Digital Wave Ltd.) [Auto | Running] -- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe -- (DigitalWave.Update.Service)
SRV - [2015/11/05 20:36:48 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2015/09/24 09:40:30 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/10/10 16:03:38 | 001,771,560 | ---- | M] (pdfforge GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\PDF Architect 2\ws.exe -- (PDF Architect 2)
SRV - [2014/03/21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/19 01:44:36 | 050,942,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013/12/18 11:01:06 | 002,103,096 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013/12/02 12:48:44 | 000,036,936 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- D:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent)
SRV - [2013/09/04 12:46:52 | 000,023,624 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- D:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe -- (Guard Agent)
SRV - [2013/05/14 13:42:58 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2013/05/14 13:42:58 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2013/05/13 16:16:10 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013/03/01 03:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2012/11/07 16:11:14 | 000,399,744 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/02/17 08:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2011/04/28 14:07:00 | 000,095,232 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe -- (XRNADB)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/06/30 09:31:20 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:64bit: - [2016/05/30 23:13:36 | 000,465,792 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2016/05/30 23:13:36 | 000,287,528 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2016/05/30 23:13:36 | 000,166,432 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2016/05/30 23:13:36 | 000,107,792 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2016/05/30 23:13:36 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2016/05/30 23:13:36 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2016/05/30 23:13:36 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2016/05/30 23:13:33 | 001,070,904 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2016/05/30 23:13:33 | 000,037,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2016/05/30 23:13:32 | 000,161,760 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ngvss.sys -- (ngvss)
DRV:64bit: - [2016/05/30 23:13:31 | 000,323,392 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2016/05/23 04:41:44 | 000,055,056 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys -- (iSafeKrnlBoot)
DRV:64bit: - [2016/05/19 08:42:01 | 000,052,392 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\iSafeNetFilter.sys -- (iSafeNetFilter)
DRV:64bit: - [2016/01/08 10:51:54 | 000,213,088 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd)
DRV:64bit: - [2016/01/08 10:51:54 | 000,213,088 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2016/01/08 10:51:54 | 000,120,416 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2015/11/21 01:03:33 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2015/06/12 06:00:58 | 000,197,616 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2014/07/26 10:38:40 | 000,057,424 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\GsRamDsk.sys -- (GsRamDsk)
DRV:64bit: - [2014/02/03 12:39:48 | 000,339,960 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\spvve.sys -- (SPVVEngine)
DRV:64bit: - [2014/02/03 12:39:48 | 000,092,152 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\spvdbus.sys -- (SPVDPort)
DRV:64bit: - [2013/10/02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/04 12:24:10 | 000,189,000 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EuFdDisk.sys -- (EUFDDISK)
DRV:64bit: - [2013/09/04 12:24:10 | 000,061,000 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\eubakup.sys -- (EUBAKUP)
DRV:64bit: - [2013/09/04 12:24:10 | 000,048,200 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EUBKMON.sys -- (EUBKMON)
DRV:64bit: - [2013/09/04 12:24:10 | 000,018,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\eudskacs.sys -- (EUDSKACS)
DRV:64bit: - [2013/08/30 09:53:56 | 011,833,856 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/08/30 06:47:00 | 000,608,768 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/08/09 09:13:36 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2013/06/24 14:36:12 | 000,420,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2013/06/24 14:36:12 | 000,140,032 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2013/05/13 16:16:10 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013/04/24 18:31:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/03/05 14:14:46 | 001,528,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTWlanU.sys -- (RtlWlanu)
DRV:64bit: - [2013/03/01 03:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2013/02/21 07:14:03 | 000,495,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2013/01/03 10:31:20 | 000,301,256 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2013/01/03 10:31:18 | 000,231,112 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2012/08/23 16:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/06 11:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011/03/14 11:29:46 | 000,313,136 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/03/14 11:29:46 | 000,024,880 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2016/05/23 04:41:44 | 000,262,344 | ---- | M] (Elex do Brasil Participações Ltda) [File_System | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys -- (iSafeKrnl)
DRV - [2016/05/23 04:41:44 | 000,110,112 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys -- (iSafeKrnlKit)
DRV - [2016/05/23 04:41:44 | 000,052,440 | ---- | M] (Elex do Brasil Participações Ltda) [File_System | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys -- (iSafeKrnlMon)
DRV - [2016/05/23 04:41:16 | 000,103,904 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys -- (iSafeKrnlR3)
DRV - [2013/12/30 03:54:22 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2013/12/16 15:34:30 | 000,014,112 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/07/26 20:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\sensorsview32_64.sys -- (sensorsview64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.attirerpage.com/?type=hp&ts= ... XXZ300DQ0K
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.attirerpage.com/search/?type ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.attirerpage.com/search/?type ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.attirerpage.com/?type=hp&ts= ... XXZ300DQ0K
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.attirerpage.com/search/?type ... earchTerms}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.attirerpage.com/?type=hp&ts= ... XXZ300DQ0K
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.attirerpage.com/search/?type ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.attirerpage.com/search/?type ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.attirerpage.com/?type=hp&ts= ... XXZ300DQ0K
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.attirerpage.com/search/?type ... earchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=s ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk-SK
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 2D 32 E0 63 DD D5 D1 01 [binary data]
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "SK"
FF - prefs.js..browser.search.defaultenginename: "nice"
FF - prefs.js..browser.search.order.1: "nice"
FF - prefs.js..browser.search.region: "SK"
FF - prefs.js..browser.search.searchengine.alias: ""
FF - prefs.js..browser.search.searchengine.iconURL: "http://www.nicesearches.com/favicon.ico?t=1"
FF - prefs.js..browser.search.searchengine.name: "nice"
FF - prefs.js..browser.search.searchengine.ref: ""
FF - prefs.js..browser.search.searchengine.ts: "1467174390"
FF - prefs.js..browser.search.searchengine.type: ""
FF - prefs.js..browser.search.searchengine.uid: "st4000dm000-1f2168_z300dq0kxxxxz300dq0k"
FF - prefs.js..browser.search.searchengine.url: "http://www.nicesearches.com/search.php? ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "nice"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.nicesearches.com?type=hp&ts= ... 5mfzac9tcm"
FF - prefs.js..extensions.enabledAddons: s3google%40translator:5.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0.1
FF - user.js..browser.search.defaultenginename: "nice"
FF - user.js..browser.search.order.1: "nice"
FF - user.js..browser.search.searchengine.alias: ""
FF - user.js..browser.search.searchengine.iconURL: "http://www.nicesearches.com/favicon.ico?t=1"
FF - user.js..browser.search.searchengine.name: "nice"
FF - user.js..browser.search.searchengine.ref: ""
FF - user.js..browser.search.searchengine.ts: "1467174390"
FF - user.js..browser.search.searchengine.type: ""
FF - user.js..browser.search.searchengine.uid: "st4000dm000-1f2168_z300dq0kxxxxz300dq0k"
FF - user.js..browser.search.searchengine.url: "http://www.nicesearches.com/search.php? ... earchTerms}"
FF - user.js..browser.search.selectedEngine: "nice"
FF - user.js..browser.search.useDBForOrder: true
FF - user.js..browser.startup.homepage: "http://www.nicesearches.com?type=hp&ts= ... 5mfzac9tcm"
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.91.2: C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2: C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\PDF Architect 2: C:\Program Files (x86)\PDF Architect 2\np-previewer.dll File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016/05/30 23:13:37 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016/05/30 23:13:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/05/30 23:13:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/05/30 23:13:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\arthurj8283@gmail.com: C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\extensions\arthurj8283@gmail.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 47.0.1\extensions\\Components: f:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 47.0.1\extensions\\Plugins: f:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.40\extensions\\Components: D:\Program Files (x86)\SeaMonkey\components [2016/05/06 12:42:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.40\extensions\\Plugins: D:\Program Files (x86)\SeaMonkey\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015/11/09 15:09:52 | 000,030,181 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015/11/09 15:09:52 | 000,030,181 | ---- | M] ()
[2014/02/26 18:01:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\Extensions
[2014/02/26 18:01:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2016/06/30 06:32:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\Firefox\Profiles\0zymj2qe.default\extensions
[2016/01/16 00:44:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\Firefox\Profiles\0zymj2qe.default\extensions\1452897898_xpi
[2016/07/24 22:09:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\Firefox\Profiles\41A66E7E5EE1\extensions
[2016/01/16 00:44:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions
[2016/05/06 12:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\SeaMonkey\Profiles\33ohs5rz.default\extensions
[2015/08/17 22:04:13 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Bax2013\AppData\Roaming\mozilla\SeaMonkey\Profiles\33ohs5rz.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2016/05/06 12:42:08 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Users\Bax2013\AppData\Roaming\mozilla\SeaMonkey\Profiles\33ohs5rz.default\extensions\inspector@mozilla.org
[2016/05/06 12:42:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\SeaMonkey\Profiles\33ohs5rz.default\extensions\inspector@mozilla.org\chrome\inspector\content\inspector\extensions
[2016/01/16 00:31:29 | 000,337,933 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\0zymj2qe.default\extensions\s3google@translator.xpi
[2016/07/08 11:13:24 | 000,042,019 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\41A66E7E5EE1\extensions\@youtuberightclick.xpi
[2016/07/08 11:10:17 | 002,617,021 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\41A66E7E5EE1\extensions\firebug@software.joehewitt.com.xpi
[2016/07/24 22:09:28 | 000,378,767 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\41A66E7E5EE1\extensions\s3google@translator.xpi
[2016/07/09 15:02:29 | 001,036,367 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\41A66E7E5EE1\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/01/14 10:47:56 | 000,330,935 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi
[2016/01/16 00:31:29 | 000,337,933 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\s3google@translator.xpi
[2016/06/27 14:34:43 | 000,000,652 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\0zymj2qe.default\searchplugins\attirerpage.xml
[2016/01/16 00:44:56 | 000,000,627 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\0zymj2qe.default\searchplugins\mysites123.xml
[2016/06/29 13:57:38 | 000,000,762 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\0zymj2qe.default\searchplugins\nice.xml
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Bax2013\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
O1 HOSTS File: ([2016/07/13 07:45:29 | 000,453,077 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 down.baidu2016.com
O1 - Hosts: 127.0.0.1 123.sogou.com
O1 - Hosts: 127.0.0.1 www.czzsyzgm.com
O1 - Hosts: 127.0.0.1 www.czzsyzxl.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 15554 more lines...
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1391750300-441857230-858820617-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [NetWorx] E:\ProgNeinst\+INTERNET\networx_portable\64-bit\networx.exe (SoftPerfect)
O4:64bit: - HKLM..\Run: [RAMDiskForWorkstations] F:\Program Files\SoftPerfect RAM Disk\RAMDiskWS.exe (SoftPerfect Research)
O4:64bit: - HKLM..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Samsung Link] C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Samsung Electronics Co.,Ltd)
O4:64bit: - HKLM..\Run: [VIAxHCUtl] C:\VIA_XHCI\usb3Monitor.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [Alt-Tab Thingy] D:\Program Files (x86)\Alt-Tab Thingy v4\attmain.exe (Nymithium Technologies™)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DocuPrint 6015B RUN] C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] D:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Launcher6015B] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015B File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [StatusAutoRun6015B] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015B,hide,\S File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [Dropbox Update] C:\Users\Bax2013\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [KiesPDLR] D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [KiesPDLR.exe] D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [KiesPreload] D:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [Namedate] E:\ProgNeinst\Nezmeskaj\nezmeskej.exe (Petr Mazánek (mazi@all4u.cz, +420608702180))
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8:64bit: - Extra context menu item: Stiahnuť s IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: Stiahnuť s IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9:64bit: - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 10.1.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9396339-060D-4168-824F-EB6D28279756}: DhcpNameServer = 192.168.0.1 10.1.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B318A6B3-FB25-4E9D-897C-CFD4EBEFFFB3}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\Jaksta\AC\x64\jaudcap.dll) - C:\Windows\Jaksta\AC\x64\jaudcap.dll (Jaksta Technologies Pty Ltd)
O20 - AppInit_DLLs: (C:\Windows\Jaksta\AC\x86\jaudcap.dll) - C:\Windows\Jaksta\AC\x86\jaudcap.dll (Jaksta Technologies Pty Ltd)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\jumpflip: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\volaro: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\vonteera: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\jumpflip: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\volaro: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\vonteera: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016/06/30 09:35:36 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.ac3acm - ac3acm.acm (fccHandler)
Drivers32:64bit: msacm.l3acm - l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32:64bit: VIDC.X264 - x264vfw64.dll (x264vfw project)
Drivers32:64bit: VIDC.XVID - xvidvfw.dll ()
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: VIDC.CSCD - C:\Windows\SysWow64\camcodec.dll (CamStudio Group)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.HFYU - C:\Windows\SysWow64\huffyuv.dll (Disappearing Inc.)
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.VP80 - vp8vfw.dll File not found
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\Bax2013\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18349)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
15,94 Gb Total Physical Memory | 6,67 Gb Available Physical Memory | 41,84% Memory free
15,96 Gb Paging File | 5,47 Gb Available in Paging File | 34,25% Paging File free
Paging file location(s): e:\pagefile.sys 16 500 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 49,85 Gb Free Space | 44,59% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 1,01 Gb Free Space | 5,16% Space Free | Partition Type: NTFS
Drive E: | 147,24 Gb Total Space | 2,61 Gb Free Space | 1,77% Space Free | Partition Type: NTFS
Drive F: | 19,53 Gb Total Space | 3,83 Gb Free Space | 19,61% Space Free | Partition Type: NTFS
Drive N: | 37,28 Gb Total Space | 1,63 Gb Free Space | 4,36% Space Free | Partition Type: NTFS
Drive O: | 37,25 Gb Total Space | 0,54 Gb Free Space | 1,45% Space Free | Partition Type: NTFS
Drive P: | 3725,90 Gb Total Space | 1387,84 Gb Free Space | 37,25% Space Free | Partition Type: NTFS
Drive R: | 2,25 Gb Total Space | 2,18 Gb Free Space | 96,97% Space Free | Partition Type: NTFS
Computer Name: BAX2013-PC | User Name: Bax2013 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016/07/28 22:44:21 | 000,288,920 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
PRC - [2016/07/25 11:15:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\Bax2013\Desktop\OTL.exe
PRC - [2016/07/13 22:49:36 | 003,446,976 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
PRC - [2016/07/05 20:00:44 | 024,204,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2016/06/27 12:13:52 | 007,408,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2016/06/24 04:20:32 | 000,392,136 | ---- | M] (Mozilla Corporation) -- F:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/06/01 14:38:50 | 000,953,016 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2016/05/30 23:13:34 | 000,243,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/05/23 04:42:35 | 000,369,488 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
PRC - [2016/05/23 04:37:15 | 000,118,048 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
PRC - [2016/05/23 04:37:15 | 000,118,048 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
PRC - [2016/03/28 23:06:42 | 000,327,680 | ---- | M] () -- D:\Program Files\Serviio\bin\ServiioService.exe
PRC - [2016/01/08 14:08:40 | 001,021,736 | ---- | M] (Samsung) -- D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2016/01/08 14:08:34 | 000,318,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- D:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2016/01/08 14:08:32 | 001,572,648 | ---- | M] (Samsung) -- D:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2016/01/08 10:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) -- D:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
PRC - [2015/12/24 16:13:02 | 000,388,968 | ---- | M] (Digital Wave Ltd.) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
PRC - [2015/11/10 22:09:40 | 003,911,248 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2015/09/24 09:40:30 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/06/24 19:46:44 | 000,257,816 | ---- | M] (Maxthon International ltd.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
PRC - [2015/02/04 14:05:36 | 000,269,848 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2014/06/27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/06/24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/12/21 11:29:14 | 000,755,080 | ---- | M] (Samsung) -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
PRC - [2013/12/02 12:48:44 | 000,036,936 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- D:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
PRC - [2013/09/04 12:46:52 | 000,023,624 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- D:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
PRC - [2013/05/14 13:42:58 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2013/05/14 13:42:58 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2013/05/13 16:16:10 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2013/01/10 19:09:26 | 000,848,384 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
PRC - [2012/11/07 16:11:14 | 000,399,744 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe
PRC - [2012/08/14 18:05:54 | 001,190,400 | ---- | M] (ASUSTeK Computer Inc.) -- D:\Program Files (x86)\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
PRC - [2012/08/07 14:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- D:\Program Files (x86)\AI Suite II\AI Suite II.exe
PRC - [2012/05/03 13:17:36 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- D:\Program Files (x86)\AI Suite II\EPU\EPUHelp.exe
PRC - [2012/03/13 13:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- D:\Program Files (x86)\AI Suite II\AsRoutineController.exe
PRC - [2012/02/17 08:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2011/09/08 22:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- D:\Program Files (x86)\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2011/07/12 17:14:26 | 000,331,776 | ---- | M] (VIA Technologies, Inc.) -- C:\VIA_XHCI\usb3Monitor.exe
PRC - [2011/04/28 17:26:00 | 002,569,728 | ---- | M] (Xerox) -- C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
PRC - [2009/06/05 15:30:12 | 000,140,800 | ---- | M] (Nymithium Technologies™) -- D:\Program Files (x86)\Alt-Tab Thingy v4\attmain.exe
========== Modules (No Company Name) ==========
MOD - [2016/07/13 22:49:35 | 019,483,328 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
MOD - [2016/07/05 20:00:26 | 000,024,904 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
MOD - [2016/07/05 20:00:26 | 000,021,840 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
MOD - [2016/07/05 20:00:26 | 000,021,832 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
MOD - [2016/07/05 20:00:24 | 000,023,376 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
MOD - [2016/07/05 20:00:24 | 000,022,352 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
MOD - [2016/07/05 20:00:22 | 000,023,872 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
MOD - [2016/07/05 20:00:22 | 000,020,800 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
MOD - [2016/07/05 20:00:22 | 000,020,800 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
MOD - [2016/07/05 20:00:22 | 000,019,776 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
MOD - [2016/07/05 20:00:20 | 000,381,752 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
MOD - [2016/07/05 20:00:18 | 000,019,760 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
MOD - [2016/07/05 20:00:14 | 003,928,880 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
MOD - [2016/07/05 20:00:14 | 000,223,544 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
MOD - [2016/07/05 20:00:14 | 000,132,912 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
MOD - [2016/07/05 20:00:12 | 000,546,096 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
MOD - [2016/07/05 20:00:12 | 000,357,680 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
MOD - [2016/07/05 20:00:12 | 000,207,672 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
MOD - [2016/07/05 20:00:10 | 001,971,504 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
MOD - [2016/07/05 20:00:10 | 001,826,096 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
MOD - [2016/07/05 20:00:10 | 000,531,248 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
MOD - [2016/07/05 20:00:08 | 000,052,024 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
MOD - [2016/07/05 20:00:08 | 000,024,392 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
MOD - [2016/07/05 20:00:06 | 000,084,280 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
MOD - [2016/07/05 20:00:06 | 000,038,696 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\fastpath.pyd
MOD - [2016/07/05 20:00:04 | 000,026,456 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
MOD - [2016/07/05 19:59:56 | 001,682,760 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
MOD - [2016/07/05 19:59:56 | 000,020,816 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
MOD - [2016/07/05 19:59:56 | 000,020,808 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
MOD - [2016/07/05 19:59:54 | 000,246,592 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
MOD - [2016/07/05 19:59:54 | 000,020,280 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
MOD - [2016/07/02 23:57:46 | 019,094,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\da36abbea6ef456f432434d4d8d835c1\PresentationFramework.ni.dll
MOD - [2016/07/02 23:57:38 | 011,567,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\416ba33cb980d07643e82c4c45bd5786\PresentationCore.ni.dll
MOD - [2016/07/02 23:57:33 | 012,944,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\5aac750b35b27770dccb1a43f83cced7\System.Windows.Forms.ni.dll
MOD - [2016/07/02 23:57:32 | 003,968,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\32512bd09e2231f6eebb15fc17e3ad79\WindowsBase.ni.dll
MOD - [2016/07/02 23:57:30 | 000,974,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\46957030830964165644b52b0696c5d9\System.Configuration.ni.dll
MOD - [2016/07/02 23:57:29 | 007,516,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\55560c2014611e9119f99923c9ebdeef\System.Core.ni.dll
MOD - [2016/07/02 23:57:29 | 007,378,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d86b080a37c60a872c82b912a2a63dac\System.Xml.ni.dll
MOD - [2016/07/02 23:57:28 | 001,879,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\6d09f865a22e2f903b74476769e1b76a\System.Xaml.ni.dll
MOD - [2016/07/02 23:57:28 | 000,791,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\647f9e8a4465888d8348c3f66611c463\System.Runtime.Remoting.ni.dll
MOD - [2016/07/02 23:57:27 | 001,623,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\646b4b01cb29986f8e076aa65c9e9753\System.Drawing.ni.dll
MOD - [2016/07/02 23:57:26 | 000,218,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\86909e4c4c7deb51e42b8f335c7aaa77\System.ServiceProcess.ni.dll
MOD - [2016/07/02 23:57:24 | 009,981,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\52cca48930e580e3189eac47158c20be\System.ni.dll
MOD - [2016/07/02 23:57:20 | 018,120,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\225759bb87c854c0fff27b1d84858c21\mscorlib.ni.dll
MOD - [2016/06/07 04:04:36 | 000,697,304 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
MOD - [2016/06/07 04:02:50 | 001,631,184 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\libGLESv2.dll
MOD - [2016/06/07 04:02:50 | 000,017,864 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\libEGL.dll
MOD - [2016/06/07 04:01:16 | 000,036,296 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\librsync.dll
MOD - [2016/06/07 04:00:48 | 000,350,152 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\winxpgui.pyd
MOD - [2016/06/07 04:00:48 | 000,048,592 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32service.pyd
MOD - [2016/06/07 04:00:48 | 000,028,616 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32ts.pyd
MOD - [2016/06/07 04:00:46 | 000,114,640 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32security.pyd
MOD - [2016/06/07 04:00:46 | 000,060,880 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32print.pyd
MOD - [2016/06/07 04:00:46 | 000,043,472 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32process.pyd
MOD - [2016/06/07 04:00:46 | 000,030,160 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32pipe.pyd
MOD - [2016/06/07 04:00:46 | 000,024,016 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32profile.pyd
MOD - [2016/06/07 04:00:44 | 000,175,560 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32gui.pyd
MOD - [2016/06/07 04:00:44 | 000,124,880 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32file.pyd
MOD - [2016/06/07 04:00:44 | 000,057,808 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
MOD - [2016/06/07 04:00:44 | 000,024,528 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32event.pyd
MOD - [2016/06/07 04:00:44 | 000,024,016 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
MOD - [2016/06/07 04:00:42 | 000,105,928 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\win32api.pyd
MOD - [2016/06/07 04:00:42 | 000,020,936 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\mmapfile.pyd
MOD - [2016/06/07 03:59:30 | 000,123,856 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
MOD - [2016/06/07 03:59:28 | 000,240,584 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\jpegtran.pyd
MOD - [2016/06/07 03:59:28 | 000,083,912 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\sip.pyd
MOD - [2016/06/07 03:59:26 | 000,019,408 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\faulthandler.pyd
MOD - [2016/06/07 03:58:46 | 000,034,768 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
MOD - [2016/06/07 03:58:44 | 000,692,688 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\unicodedata.pyd
MOD - [2016/06/07 03:58:44 | 000,134,608 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_elementtree.pyd
MOD - [2016/06/07 03:58:44 | 000,093,640 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\_ctypes.pyd
MOD - [2016/06/07 03:58:44 | 000,018,376 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\select.pyd
MOD - [2016/06/07 03:58:42 | 000,134,088 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\pyexpat.pyd
MOD - [2016/06/07 03:58:42 | 000,116,688 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\pywintypes27.dll
MOD - [2016/06/07 03:58:40 | 000,392,144 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\pythoncom27.dll
MOD - [2016/06/01 14:39:06 | 000,439,480 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2016/06/01 14:39:06 | 000,321,208 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2016/05/30 23:13:35 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016/05/30 23:13:34 | 000,479,680 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/05/30 23:13:34 | 000,135,816 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/05/30 23:13:34 | 000,123,344 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2016/05/23 04:37:19 | 000,065,696 | ---- | M] () -- C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
MOD - [2016/05/23 04:37:15 | 000,179,200 | ---- | M] () -- C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
MOD - [2014/09/11 05:19:54 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Maxthon\Core\Webkit\pdf.dll
MOD - [2014/09/11 05:19:54 | 002,128,152 | ---- | M] () -- C:\Program Files (x86)\Maxthon\Core\Webkit\ffmpegsumo.dll
MOD - [2014/09/11 05:19:54 | 000,887,064 | ---- | M] () -- C:\Program Files (x86)\Maxthon\Core\Webkit\libGLESv2.dll
MOD - [2014/09/11 05:19:54 | 000,109,336 | ---- | M] () -- C:\Program Files (x86)\Maxthon\Core\Webkit\libEGL.dll
MOD - [2014/09/11 05:19:44 | 000,258,944 | ---- | M] () -- C:\Program Files (x86)\Maxthon\Bin\Maxzlib.dll
MOD - [2014/09/11 05:19:40 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
MOD - [2013/05/08 16:22:48 | 001,040,896 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\EasyUpdate\EasyUpdt.dll
MOD - [2013/04/15 15:19:46 | 000,883,712 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\Sensor\Sensor.dll
MOD - [2013/01/10 19:16:00 | 000,193,024 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
MOD - [2013/01/10 19:09:26 | 000,848,384 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
MOD - [2013/01/10 18:32:54 | 001,411,072 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
MOD - [2012/10/08 18:07:46 | 000,972,288 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\BarGadget\BarGadget.dll
MOD - [2012/08/29 19:09:00 | 000,875,520 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\TabGadget\TabGadget.dll
MOD - [2012/07/20 10:39:40 | 001,047,040 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\Probe_II\ProbeII.dll
MOD - [2012/06/19 13:56:22 | 001,305,600 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\MyLogo\MyLogo.dll
MOD - [2012/05/28 22:27:04 | 001,622,528 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2011/09/19 21:18:20 | 001,243,136 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\Settings\Settings.dll
MOD - [2011/07/21 10:06:44 | 000,846,848 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 20:14:52 | 000,147,456 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\AssistFunc.dll
MOD - [2010/10/05 09:22:50 | 000,253,952 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\pngio.dll
MOD - [2010/10/05 09:22:50 | 000,208,896 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\ImageHelper.dll
MOD - [2010/08/23 04:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2009/08/12 21:15:52 | 000,253,952 | ---- | M] () -- D:\Program Files (x86)\AI Suite II\Sensor\AlertHelper\pngio.dll
MOD - [2005/09/15 19:48:42 | 000,176,128 | ---- | M] () -- D:\Program Files (x86)\Alt-Tab Thingy v4\atthooks.dll
========== Services (SafeList) ==========
SRV:64bit: - [2016/05/30 23:13:34 | 000,243,296 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2016/05/30 23:13:31 | 005,570,272 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2016/05/20 23:54:46 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2016/03/09 17:20:54 | 000,623,848 | ---- | M] (Samsung Electronics Co.,Ltd) [On_Demand | Running] -- C:\Program Files\Samsung\Samsung Link\Samsung Link.exe -- (Samsung Link Service)
SRV:64bit: - [2015/07/23 02:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/12/21 11:31:20 | 000,404,360 | ---- | M] (Samsung) [Auto | Running] -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe -- (AllShare Framework DMS)
SRV:64bit: - [2013/08/30 07:13:54 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/01/03 15:38:52 | 000,183,200 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:64bit: - [2012/12/10 15:31:44 | 000,803,872 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:64bit: - [2012/12/10 15:31:28 | 000,732,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2012/10/02 08:41:44 | 000,240,584 | ---- | M] (DTS, Inc) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe -- (DTSAudioSvc)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/07/15 22:07:43 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/23 04:37:15 | 000,118,048 | ---- | M] (Elex do Brasil Participações Ltda) [Auto | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe -- (iSafeService)
SRV - [2016/03/28 23:06:42 | 000,327,680 | ---- | M] () [Auto | Running] -- D:\Program Files\Serviio\bin\ServiioService.exe -- (Serviio)
SRV - [2016/01/08 10:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) [Auto | Running] -- D:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe -- (ss_conn_service)
SRV - [2015/12/24 16:13:02 | 000,388,968 | ---- | M] (Digital Wave Ltd.) [Auto | Running] -- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe -- (DigitalWave.Update.Service)
SRV - [2015/11/05 20:36:48 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2015/09/24 09:40:30 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/10/10 16:03:38 | 001,771,560 | ---- | M] (pdfforge GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\PDF Architect 2\ws.exe -- (PDF Architect 2)
SRV - [2014/03/21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/19 01:44:36 | 050,942,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013/12/18 11:01:06 | 002,103,096 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013/12/02 12:48:44 | 000,036,936 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- D:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent)
SRV - [2013/09/04 12:46:52 | 000,023,624 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- D:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe -- (Guard Agent)
SRV - [2013/05/14 13:42:58 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2013/05/14 13:42:58 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2013/05/13 16:16:10 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013/03/01 03:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2012/11/07 16:11:14 | 000,399,744 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/02/17 08:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2011/04/28 14:07:00 | 000,095,232 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe -- (XRNADB)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/06/30 09:31:20 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:64bit: - [2016/05/30 23:13:36 | 000,465,792 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2016/05/30 23:13:36 | 000,287,528 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2016/05/30 23:13:36 | 000,166,432 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2016/05/30 23:13:36 | 000,107,792 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2016/05/30 23:13:36 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2016/05/30 23:13:36 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2016/05/30 23:13:36 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2016/05/30 23:13:33 | 001,070,904 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2016/05/30 23:13:33 | 000,037,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2016/05/30 23:13:32 | 000,161,760 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ngvss.sys -- (ngvss)
DRV:64bit: - [2016/05/30 23:13:31 | 000,323,392 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2016/05/23 04:41:44 | 000,055,056 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys -- (iSafeKrnlBoot)
DRV:64bit: - [2016/05/19 08:42:01 | 000,052,392 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\iSafeNetFilter.sys -- (iSafeNetFilter)
DRV:64bit: - [2016/01/08 10:51:54 | 000,213,088 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd)
DRV:64bit: - [2016/01/08 10:51:54 | 000,213,088 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2016/01/08 10:51:54 | 000,120,416 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2015/11/21 01:03:33 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2015/06/12 06:00:58 | 000,197,616 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2014/07/26 10:38:40 | 000,057,424 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\GsRamDsk.sys -- (GsRamDsk)
DRV:64bit: - [2014/02/03 12:39:48 | 000,339,960 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\spvve.sys -- (SPVVEngine)
DRV:64bit: - [2014/02/03 12:39:48 | 000,092,152 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\spvdbus.sys -- (SPVDPort)
DRV:64bit: - [2013/10/02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/04 12:24:10 | 000,189,000 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EuFdDisk.sys -- (EUFDDISK)
DRV:64bit: - [2013/09/04 12:24:10 | 000,061,000 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\eubakup.sys -- (EUBAKUP)
DRV:64bit: - [2013/09/04 12:24:10 | 000,048,200 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EUBKMON.sys -- (EUBKMON)
DRV:64bit: - [2013/09/04 12:24:10 | 000,018,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\eudskacs.sys -- (EUDSKACS)
DRV:64bit: - [2013/08/30 09:53:56 | 011,833,856 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/08/30 06:47:00 | 000,608,768 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/08/09 09:13:36 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2013/06/24 14:36:12 | 000,420,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2013/06/24 14:36:12 | 000,140,032 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2013/05/13 16:16:10 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013/04/24 18:31:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/03/05 14:14:46 | 001,528,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTWlanU.sys -- (RtlWlanu)
DRV:64bit: - [2013/03/01 03:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2013/02/21 07:14:03 | 000,495,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2013/01/03 10:31:20 | 000,301,256 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2013/01/03 10:31:18 | 000,231,112 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2012/08/23 16:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/06 11:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011/03/14 11:29:46 | 000,313,136 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/03/14 11:29:46 | 000,024,880 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2016/05/23 04:41:44 | 000,262,344 | ---- | M] (Elex do Brasil Participações Ltda) [File_System | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys -- (iSafeKrnl)
DRV - [2016/05/23 04:41:44 | 000,110,112 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys -- (iSafeKrnlKit)
DRV - [2016/05/23 04:41:44 | 000,052,440 | ---- | M] (Elex do Brasil Participações Ltda) [File_System | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys -- (iSafeKrnlMon)
DRV - [2016/05/23 04:41:16 | 000,103,904 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys -- (iSafeKrnlR3)
DRV - [2013/12/30 03:54:22 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2013/12/16 15:34:30 | 000,014,112 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/07/26 20:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\sensorsview32_64.sys -- (sensorsview64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.attirerpage.com/?type=hp&ts= ... XXZ300DQ0K
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.attirerpage.com/search/?type ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.attirerpage.com/search/?type ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.attirerpage.com/?type=hp&ts= ... XXZ300DQ0K
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.attirerpage.com/search/?type ... earchTerms}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.attirerpage.com/?type=hp&ts= ... XXZ300DQ0K
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.attirerpage.com/search/?type ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.attirerpage.com/search/?type ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.attirerpage.com/?type=hp&ts= ... XXZ300DQ0K
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.attirerpage.com/search/?type ... earchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=s ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk-SK
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 2D 32 E0 63 DD D5 D1 01 [binary data]
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1391750300-441857230-858820617-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "SK"
FF - prefs.js..browser.search.defaultenginename: "nice"
FF - prefs.js..browser.search.order.1: "nice"
FF - prefs.js..browser.search.region: "SK"
FF - prefs.js..browser.search.searchengine.alias: ""
FF - prefs.js..browser.search.searchengine.iconURL: "http://www.nicesearches.com/favicon.ico?t=1"
FF - prefs.js..browser.search.searchengine.name: "nice"
FF - prefs.js..browser.search.searchengine.ref: ""
FF - prefs.js..browser.search.searchengine.ts: "1467174390"
FF - prefs.js..browser.search.searchengine.type: ""
FF - prefs.js..browser.search.searchengine.uid: "st4000dm000-1f2168_z300dq0kxxxxz300dq0k"
FF - prefs.js..browser.search.searchengine.url: "http://www.nicesearches.com/search.php? ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "nice"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.nicesearches.com?type=hp&ts= ... 5mfzac9tcm"
FF - prefs.js..extensions.enabledAddons: s3google%40translator:5.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0.1
FF - user.js..browser.search.defaultenginename: "nice"
FF - user.js..browser.search.order.1: "nice"
FF - user.js..browser.search.searchengine.alias: ""
FF - user.js..browser.search.searchengine.iconURL: "http://www.nicesearches.com/favicon.ico?t=1"
FF - user.js..browser.search.searchengine.name: "nice"
FF - user.js..browser.search.searchengine.ref: ""
FF - user.js..browser.search.searchengine.ts: "1467174390"
FF - user.js..browser.search.searchengine.type: ""
FF - user.js..browser.search.searchengine.uid: "st4000dm000-1f2168_z300dq0kxxxxz300dq0k"
FF - user.js..browser.search.searchengine.url: "http://www.nicesearches.com/search.php? ... earchTerms}"
FF - user.js..browser.search.selectedEngine: "nice"
FF - user.js..browser.search.useDBForOrder: true
FF - user.js..browser.startup.homepage: "http://www.nicesearches.com?type=hp&ts= ... 5mfzac9tcm"
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.91.2: C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2: C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\PDF Architect 2: C:\Program Files (x86)\PDF Architect 2\np-previewer.dll File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016/05/30 23:13:37 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016/05/30 23:13:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/05/30 23:13:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/05/30 23:13:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\arthurj8283@gmail.com: C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\extensions\arthurj8283@gmail.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 47.0.1\extensions\\Components: f:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 47.0.1\extensions\\Plugins: f:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.40\extensions\\Components: D:\Program Files (x86)\SeaMonkey\components [2016/05/06 12:42:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.40\extensions\\Plugins: D:\Program Files (x86)\SeaMonkey\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015/11/09 15:09:52 | 000,030,181 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015/11/09 15:09:52 | 000,030,181 | ---- | M] ()
[2014/02/26 18:01:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\Extensions
[2014/02/26 18:01:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2016/06/30 06:32:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\Firefox\Profiles\0zymj2qe.default\extensions
[2016/01/16 00:44:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\Firefox\Profiles\0zymj2qe.default\extensions\1452897898_xpi
[2016/07/24 22:09:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\Firefox\Profiles\41A66E7E5EE1\extensions
[2016/01/16 00:44:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions
[2016/05/06 12:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\SeaMonkey\Profiles\33ohs5rz.default\extensions
[2015/08/17 22:04:13 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Bax2013\AppData\Roaming\mozilla\SeaMonkey\Profiles\33ohs5rz.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2016/05/06 12:42:08 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Users\Bax2013\AppData\Roaming\mozilla\SeaMonkey\Profiles\33ohs5rz.default\extensions\inspector@mozilla.org
[2016/05/06 12:42:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\SeaMonkey\Profiles\33ohs5rz.default\extensions\inspector@mozilla.org\chrome\inspector\content\inspector\extensions
[2016/01/16 00:31:29 | 000,337,933 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\0zymj2qe.default\extensions\s3google@translator.xpi
[2016/07/08 11:13:24 | 000,042,019 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\41A66E7E5EE1\extensions\@youtuberightclick.xpi
[2016/07/08 11:10:17 | 002,617,021 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\41A66E7E5EE1\extensions\firebug@software.joehewitt.com.xpi
[2016/07/24 22:09:28 | 000,378,767 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\41A66E7E5EE1\extensions\s3google@translator.xpi
[2016/07/09 15:02:29 | 001,036,367 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\41A66E7E5EE1\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/01/14 10:47:56 | 000,330,935 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi
[2016/01/16 00:31:29 | 000,337,933 | ---- | M] () (No name found) -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\s3google@translator.xpi
[2016/06/27 14:34:43 | 000,000,652 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\0zymj2qe.default\searchplugins\attirerpage.xml
[2016/01/16 00:44:56 | 000,000,627 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\0zymj2qe.default\searchplugins\mysites123.xml
[2016/06/29 13:57:38 | 000,000,762 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\mozilla\firefox\profiles\0zymj2qe.default\searchplugins\nice.xml
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Bax2013\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
O1 HOSTS File: ([2016/07/13 07:45:29 | 000,453,077 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 down.baidu2016.com
O1 - Hosts: 127.0.0.1 123.sogou.com
O1 - Hosts: 127.0.0.1 www.czzsyzgm.com
O1 - Hosts: 127.0.0.1 www.czzsyzxl.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 15554 more lines...
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1391750300-441857230-858820617-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [NetWorx] E:\ProgNeinst\+INTERNET\networx_portable\64-bit\networx.exe (SoftPerfect)
O4:64bit: - HKLM..\Run: [RAMDiskForWorkstations] F:\Program Files\SoftPerfect RAM Disk\RAMDiskWS.exe (SoftPerfect Research)
O4:64bit: - HKLM..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Samsung Link] C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Samsung Electronics Co.,Ltd)
O4:64bit: - HKLM..\Run: [VIAxHCUtl] C:\VIA_XHCI\usb3Monitor.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [Alt-Tab Thingy] D:\Program Files (x86)\Alt-Tab Thingy v4\attmain.exe (Nymithium Technologies™)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DocuPrint 6015B RUN] C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] D:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Launcher6015B] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015B File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [StatusAutoRun6015B] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015B,hide,\S File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [Dropbox Update] C:\Users\Bax2013\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [KiesPDLR] D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [KiesPDLR.exe] D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [KiesPreload] D:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1391750300-441857230-858820617-1000..\Run: [Namedate] E:\ProgNeinst\Nezmeskaj\nezmeskej.exe (Petr Mazánek (mazi@all4u.cz, +420608702180))
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8:64bit: - Extra context menu item: Stiahnuť s IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: Stiahnuť s IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9:64bit: - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 10.1.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9396339-060D-4168-824F-EB6D28279756}: DhcpNameServer = 192.168.0.1 10.1.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B318A6B3-FB25-4E9D-897C-CFD4EBEFFFB3}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\Jaksta\AC\x64\jaudcap.dll) - C:\Windows\Jaksta\AC\x64\jaudcap.dll (Jaksta Technologies Pty Ltd)
O20 - AppInit_DLLs: (C:\Windows\Jaksta\AC\x86\jaudcap.dll) - C:\Windows\Jaksta\AC\x86\jaudcap.dll (Jaksta Technologies Pty Ltd)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\jumpflip: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\volaro: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\vonteera: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\jumpflip: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\volaro: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\vonteera: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016/06/30 09:35:36 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.ac3acm - ac3acm.acm (fccHandler)
Drivers32:64bit: msacm.l3acm - l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32:64bit: VIDC.X264 - x264vfw64.dll (x264vfw project)
Drivers32:64bit: VIDC.XVID - xvidvfw.dll ()
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: VIDC.CSCD - C:\Windows\SysWow64\camcodec.dll (CamStudio Group)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.HFYU - C:\Windows\SysWow64\huffyuv.dll (Disappearing Inc.)
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.VP80 - vp8vfw.dll File not found
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
Re: Prosím o kontrolu CPU 100%
========== Files/Folders - Created Within 30 Days ==========
[2016/07/25 11:15:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- F:\Users\Bax2013\Desktop\OTL.exe
[2016/07/21 12:06:15 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64
[2016/07/21 12:06:14 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Mediatronic
[2016/07/19 22:01:44 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Local\bunkus.org
[2016/07/19 22:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
[2016/07/17 23:11:06 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung
[2016/07/17 23:10:23 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2016/07/17 22:33:17 | 000,000,000 | ---D | C] -- C:\PCShareManagerUpload
[2016/07/17 22:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2016/07/17 14:56:41 | 000,213,088 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudserd.sys
[2016/07/17 14:56:41 | 000,213,088 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2016/07/17 14:56:41 | 000,120,416 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2016/07/17 10:46:05 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Kodi
[2016/07/17 10:20:57 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
[2016/07/16 23:39:06 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\.dvdcss
[2016/07/16 00:12:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
[2016/07/16 00:12:40 | 000,000,000 | ---D | C] -- C:\ProgramData\PMS
[2016/07/16 00:12:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PS3 Media Server
[2016/07/14 23:44:28 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Serviio-Console-Wrapper
[2016/07/14 23:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio
[2016/07/14 22:46:08 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Lavasoft
[2016/07/11 23:34:54 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2016/07/09 10:28:49 | 000,052,392 | ---- | C] (Elex do Brasil Participações Ltda) -- C:\Windows\SysNative\drivers\iSafeNetFilter.sys
[2016/07/09 09:13:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2016/07/09 00:13:28 | 000,000,000 | -H-D | C] -- C:\Users\Bax2013\AppData\Roaming\GoldenGate
[2016/07/09 00:13:28 | 000,000,000 | -H-D | C] -- C:\Users\Bax2013\AppData\Roaming\Booking_helper
[2016/07/06 22:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2016/07/06 22:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2016/07/06 22:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2016/07/06 22:29:18 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\DVDVideoSoft
[2016/07/06 11:46:43 | 000,055,056 | ---- | C] (Elex do Brasil Participações Ltda) -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[2016/07/05 08:19:28 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Local\AvastSupport
[2016/07/04 12:23:38 | 000,000,000 | ---D | C] -- F:\Users\Bax2013\Documents\aaaa
[2016/07/03 23:49:25 | 000,000,000 | ---D | C] -- F:\Users\Bax2013\Desktop\IKONY programov
[2016/07/03 14:26:57 | 000,994,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll
[2016/07/03 14:26:57 | 000,922,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll
[2016/07/03 14:26:57 | 000,063,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2016/07/03 14:26:57 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2016/07/03 14:26:57 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2016/07/03 14:26:57 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2016/07/03 14:26:57 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2016/07/03 14:26:57 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2016/07/03 14:26:57 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2016/07/03 14:26:57 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2016/07/03 14:26:57 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l2-1-0.dll
[2016/07/03 14:26:57 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l2-1-0.dll
[2016/07/03 14:26:56 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2016/07/03 14:26:56 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2016/07/03 14:26:56 | 000,020,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2016/07/03 14:26:56 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2016/07/03 14:26:56 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2016/07/03 14:26:56 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2016/07/03 14:26:56 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2016/07/03 14:26:56 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2016/07/03 14:26:56 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2016/07/03 14:26:56 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2016/07/03 14:26:56 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2016/07/03 14:26:56 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-2-0.dll
[2016/07/03 14:26:56 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-2-0.dll
[2016/07/03 14:26:56 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2016/07/03 14:26:56 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-2-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-2-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-1.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-1.dll
[2016/07/03 14:26:56 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l2-1-0.dll
[2016/07/03 14:26:56 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l2-1-0.dll
[2016/07/03 14:26:56 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-timezone-l1-1-0.dll
[2016/07/03 14:26:56 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-timezone-l1-1-0.dll
[2016/07/03 14:26:56 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-2-0.dll
[2016/07/03 14:26:56 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-2-0.dll
[2016/07/03 00:30:29 | 000,000,000 | ---D | C] -- C:\Windows\EOONotify
[2016/07/03 00:30:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\cs
[2016/07/03 00:30:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2016/07/03 00:30:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\cs-CZ
[2016/07/03 00:30:24 | 000,000,000 | ---D | C] -- C:\Windows\cs-CZ
[2016/07/03 00:30:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\cs
[2016/07/03 00:30:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2016/07/03 00:04:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rdvgkmd.sys.mui
[2016/07/03 00:04:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tsusbhub.sys.mui
[2016/07/03 00:04:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\usbrpm.sys.mui
[2016/07/03 00:04:35 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\fvevol.sys.mui
[2016/07/03 00:04:24 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
[2016/07/03 00:04:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\nwifi.sys.mui
[2016/07/03 00:04:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\qwavedrv.sys.mui
[2016/07/03 00:04:20 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\cs-CZ\BrSerId.sys.mui
[2016/07/03 00:04:20 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\cs-CZ\BrSerIb.sys.mui
[2016/07/03 00:04:20 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\MTConfig.sys.mui
[2016/07/03 00:04:19 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\usbport.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\processr.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\intelppm.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\amdppm.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\amdk8.sys.mui
[2016/07/03 00:04:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\usbhub.sys.mui
[2016/07/03 00:04:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\serial.sys.mui
[2016/07/03 00:04:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\battc.sys.mui
[2016/07/03 00:04:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\acpi.sys.mui
[2016/07/03 00:04:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\IPMIDrv.sys.mui
[2016/07/03 00:04:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\wacompen.sys.mui
[2016/07/03 00:04:19 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tpm.sys.mui
[2016/07/03 00:04:19 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\parport.sys.mui
[2016/07/03 00:04:19 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\umbus.sys.mui
[2016/07/03 00:04:19 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ataport.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\wd.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\disk.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\cdrom.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\amdide.sys.mui
[2016/07/03 00:04:18 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mpio.sys.mui
[2016/07/03 00:04:18 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\volsnap.sys.mui
[2016/07/03 00:04:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ohci1394.sys.mui
[2016/07/03 00:04:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\1394ohci.sys.mui
[2016/07/03 00:04:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\i8042prt.sys.mui
[2016/07/03 00:04:18 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pci.sys.mui
[2016/07/03 00:04:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\msdsm.sys.mui
[2016/07/03 00:04:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bthport.sys.mui
[2016/07/03 00:04:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\sermouse.sys.mui
[2016/07/03 00:04:18 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\kbdclass.sys.mui
[2016/07/03 00:04:18 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bthpan.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vhdmp.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vdrvroot.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pcmcia.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mouclass.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\hdaudbus.sys.mui
[2016/07/03 00:04:18 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\cs-CZ\pscr.sys.mui
[2016/07/03 00:04:18 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\isapnp.sys.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mssmbios.sys.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\hidbth.sys.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\GAGP30KX.SYS.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\cs-CZ\atikmdag.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vwifibus.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ULIAGPKX.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\UAGP35.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pnpmem.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\NV_AGP.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mouhid.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\kbdhid.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\BTHUSB.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\AGP440.sys.mui
[2016/07/03 00:04:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bthenum.sys.mui
[2016/07/03 00:04:16 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tcpip.sys.mui
[2016/07/03 00:04:16 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tsusbflt.sys.mui
[2016/07/03 00:04:16 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\portcls.sys.mui
[2016/07/03 00:04:16 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\HdAudio.sys.mui
[2016/07/03 00:04:16 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rndismpx.sys.mui
[2016/07/03 00:04:16 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rndismp6.sys.mui
[2016/07/03 00:04:16 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\serscan.sys.mui
[2016/07/03 00:04:16 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\Dot4usb.sys.mui
[2016/07/03 00:04:16 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\cs-CZ\BrParwdm.sys.mui
[2016/07/03 00:04:12 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pacer.sys.mui
[2016/07/03 00:04:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rdpwd.sys.mui
[2016/07/03 00:04:09 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bfe.dll.mui
[2016/07/03 00:04:06 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\modem.sys.mui
[2016/07/03 00:04:06 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\volmgrx.sys.mui
[2016/07/03 00:04:05 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\afd.sys.mui
[2016/07/03 00:04:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tunnel.sys.mui
[2016/07/03 00:04:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\luafv.sys.mui
[2016/07/03 00:04:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rdbss.sys.mui
[2016/07/03 00:04:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
[2016/07/03 00:04:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ntfs.sys.mui
[2016/07/03 00:04:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
[2016/07/03 00:03:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\partmgr.sys.mui
[2016/07/03 00:03:57 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ndisuio.sys.mui
[2016/07/03 00:03:57 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mountmgr.sys.mui
[2016/07/03 00:03:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ndiscap.sys.mui
[2016/07/03 00:03:53 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
[2016/07/03 00:03:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\scfilter.sys.mui
[2016/07/03 00:03:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\fltmgr.sys.mui
[2016/07/03 00:03:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ndis.sys.mui
[2016/07/03 00:03:49 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\wdf01000.sys.mui
[2016/07/03 00:03:46 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
[2016/07/03 00:03:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
[2016/07/03 00:03:45 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\http.sys.mui
[2016/07/03 00:03:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ws2ifsl.sys.mui
[2016/07/02 23:49:25 | 000,725,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2016/07/02 23:49:25 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2016/07/02 23:49:25 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2016/07/02 23:49:25 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2016/07/02 23:49:25 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2016/07/02 23:49:25 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2016/07/02 23:49:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2016/07/02 23:49:25 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2016/07/02 23:49:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2016/07/02 23:49:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2016/07/02 23:49:25 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2016/07/02 23:49:25 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2016/07/02 23:49:25 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2016/07/02 23:49:24 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2016/07/02 23:49:24 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2016/07/02 23:49:24 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2016/07/02 23:49:24 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2016/07/02 23:49:24 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2016/07/02 23:49:24 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2016/07/02 23:49:24 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2016/07/02 23:49:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2016/07/02 23:49:23 | 002,131,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2016/07/02 23:49:23 | 000,806,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2016/07/02 23:49:23 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2016/07/02 23:49:23 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016/07/02 23:49:23 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2016/07/02 23:49:23 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2016/07/02 23:49:22 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2016/07/02 23:49:22 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2016/07/02 23:49:22 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2016/07/02 23:49:22 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2016/07/02 23:49:22 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2016/07/02 23:49:22 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2016/07/02 23:49:22 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2016/07/02 23:49:21 | 006,051,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2016/07/02 23:49:21 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2016/07/02 23:49:21 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2016/07/02 23:49:21 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2016/07/02 23:49:21 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2016/07/02 23:49:21 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2016/07/02 23:49:20 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2016/07/02 23:49:20 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2016/07/02 23:49:20 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2016/07/02 23:48:14 | 005,546,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2016/07/02 23:48:14 | 003,998,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2016/07/02 23:48:14 | 001,732,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2016/07/02 23:48:14 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2016/07/02 23:48:13 | 003,943,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2016/07/02 23:48:13 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2016/07/02 23:48:13 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2016/07/02 23:48:13 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2016/07/02 23:48:13 | 000,706,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2016/07/02 23:48:13 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2016/07/02 23:48:13 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2016/07/02 23:48:13 | 000,631,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2016/07/02 23:48:13 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2016/07/02 23:48:13 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2016/07/02 23:48:13 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2016/07/02 23:48:13 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2016/07/02 23:48:13 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2016/07/02 23:48:13 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2016/07/02 23:48:13 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2016/07/02 23:48:13 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2016/07/02 23:48:13 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2016/07/02 23:48:13 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2016/07/02 23:48:13 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2016/07/02 23:48:13 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2016/07/02 23:48:13 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2016/07/02 23:48:13 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2016/07/02 23:48:13 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2016/07/02 23:48:13 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2016/07/02 23:48:13 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2016/07/02 23:48:13 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2016/07/02 23:48:13 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2016/07/02 23:48:13 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2016/07/02 23:48:13 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2016/07/02 23:48:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2016/07/02 23:48:13 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2016/07/02 23:48:13 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2016/07/02 23:48:13 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2016/07/02 23:48:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2016/07/02 23:48:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2016/07/02 23:48:13 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2016/07/02 23:48:13 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2016/07/02 23:48:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2016/07/02 23:48:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2016/07/02 23:48:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2016/07/02 23:48:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2016/07/02 23:48:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2016/07/02 23:48:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2016/07/02 23:48:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2016/07/02 23:48:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2016/07/02 23:48:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2016/07/02 23:48:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2016/07/02 23:48:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2016/07/02 23:48:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2016/07/02 23:48:13 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2016/07/02 23:48:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2016/07/02 23:48:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2016/07/02 23:48:01 | 001,307,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2adec.dll
[2016/07/02 23:48:00 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2016/07/02 23:48:00 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2016/07/02 23:48:00 | 001,955,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2016/07/02 23:48:00 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2016/07/02 23:48:00 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2016/07/02 23:48:00 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOE.DLL
[2016/07/02 23:48:00 | 001,573,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2016/07/02 23:48:00 | 001,568,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2016/07/02 23:48:00 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2016/07/02 23:48:00 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2016/07/02 23:48:00 | 001,153,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOE.DLL
[2016/07/02 23:48:00 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2016/07/02 23:48:00 | 001,010,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2016/07/02 23:48:00 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2016/07/02 23:48:00 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2adec.dll
[2016/07/02 23:48:00 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2016/07/02 23:48:00 | 000,829,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2016/07/02 23:48:00 | 000,815,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOE.DLL
[2016/07/02 23:48:00 | 000,740,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2016/07/02 23:48:00 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2016/07/02 23:48:00 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2016/07/02 23:48:00 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2016/07/02 23:48:00 | 000,632,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2016/07/02 23:48:00 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2016/07/02 23:48:00 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2016/07/02 23:48:00 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\COLORCNV.DLL
[2016/07/02 23:48:00 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COLORCNV.DLL
[2016/07/02 23:47:59 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2016/07/02 23:47:59 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2016/07/02 23:47:59 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2016/07/02 23:47:59 | 001,325,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOE.DLL
[2016/07/02 23:47:59 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
[2016/07/02 23:47:59 | 000,653,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2016/07/02 23:47:59 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFWMAAEC.DLL
[2016/07/02 23:47:59 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2016/07/02 23:47:59 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFWMAAEC.DLL
[2016/07/02 23:47:59 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSENCD.DLL
[2016/07/02 23:47:59 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2016/07/02 23:47:59 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2016/07/02 23:47:59 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SysFxUI.dll
[2016/07/02 23:47:59 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2016/07/02 23:47:59 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSENCD.DLL
[2016/07/02 23:47:59 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2016/07/02 23:47:59 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VIDRESZR.DLL
[2016/07/02 23:47:59 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2016/07/02 23:47:59 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2016/07/02 23:47:59 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MPG4DECD.DLL
[2016/07/02 23:47:59 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP43DECD.DLL
[2016/07/02 23:47:59 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2016/07/02 23:47:59 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RESAMPLEDMO.DLL
[2016/07/02 23:47:59 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MPG4DECD.DLL
[2016/07/02 23:47:59 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP43DECD.DLL
[2016/07/02 23:47:59 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RESAMPLEDMO.DLL
[2016/07/02 23:47:59 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2016/07/02 23:47:59 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2016/07/02 23:47:59 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2016/07/02 23:47:59 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VIDRESZR.DLL
[2016/07/02 23:47:59 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2016/07/02 23:47:59 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2016/07/02 23:47:59 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP3DMOD.DLL
[2016/07/02 23:47:59 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP3DMOD.DLL
[2016/07/02 23:47:59 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devenum.dll
[2016/07/02 23:47:59 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfvdsp.dll
[2016/07/02 23:47:59 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devenum.dll
[2016/07/02 23:47:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2016/07/02 23:47:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfvdsp.dll
[2016/07/02 23:47:59 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2016/07/02 23:47:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2016/07/02 23:47:59 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2016/07/02 23:47:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksuser.dll
[2016/07/02 23:47:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2016/07/02 23:47:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2016/07/02 23:47:56 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2016/07/02 23:47:56 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2016/07/02 23:47:56 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2016/07/02 23:47:56 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2016/07/02 23:47:55 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
[2016/07/02 23:47:55 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxoci.dll
[2016/07/02 23:47:55 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxoci.dll
[2016/07/02 23:47:43 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
[2016/07/02 23:47:43 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll
[2016/07/02 23:47:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdgeoqw.dll
[2016/07/02 23:47:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDAZEL.DLL
[2016/07/02 23:47:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDAZE.DLL
[2016/07/02 23:47:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDAZE.DLL
[2016/07/02 23:47:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdgeoqw.dll
[2016/07/02 23:47:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDAZEL.DLL
[2016/07/02 23:47:38 | 001,413,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2016/07/02 23:47:38 | 001,204,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2016/07/02 23:47:38 | 000,569,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2016/07/02 23:47:38 | 000,544,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2016/07/02 23:47:38 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2016/07/02 23:47:38 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\centel.dll
[2016/07/02 23:47:38 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2016/07/02 23:47:38 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2016/07/02 23:47:38 | 000,041,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2016/07/02 23:47:33 | 014,634,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2016/07/02 23:47:32 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2016/07/02 23:47:32 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2016/07/02 23:47:32 | 011,411,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2016/07/02 23:47:32 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2016/07/02 23:47:32 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2016/07/02 23:47:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2016/07/02 23:47:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2016/07/02 23:47:32 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2016/07/02 23:47:32 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2016/07/02 23:47:28 | 000,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2016/07/02 23:47:26 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2016/07/02 23:47:26 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2016/07/02 23:47:26 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jnwmon.dll
[2016/07/02 23:47:24 | 001,735,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2016/07/02 23:47:24 | 000,525,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\catsrvut.dll
[2016/07/02 23:47:23 | 001,242,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2016/07/02 23:47:23 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\catsrvut.dll
[2016/07/02 23:47:23 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2016/07/02 23:47:23 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe
[2016/07/02 23:47:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netbtugc.exe
[2016/07/02 23:47:22 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpprefcl.dll
[2016/07/02 23:47:22 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpprefcl.dll
[2016/07/02 23:47:22 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\polstore.dll
[2016/07/02 23:47:22 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\polstore.dll
[2016/07/02 23:47:22 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winipsec.dll
[2016/07/02 23:47:22 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2016/07/02 23:47:22 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
[2016/07/02 23:47:22 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winipsec.dll
[2016/07/02 23:47:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2016/07/02 23:47:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpscript.dll
[2016/07/02 23:47:22 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpscript.dll
[2016/07/02 23:47:22 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpscript.exe
[2016/07/02 23:47:22 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpscript.exe
[2016/07/02 23:47:20 | 000,624,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2016/07/02 23:47:20 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2016/07/02 23:47:20 | 000,396,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2016/07/02 23:47:20 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2016/07/02 23:47:20 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2016/07/02 23:47:20 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2016/07/02 23:47:19 | 000,382,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2016/07/02 23:47:19 | 000,308,456 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2016/07/02 23:47:19 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2016/07/02 23:47:19 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2016/07/02 23:47:19 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2016/07/02 23:47:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2016/07/02 23:47:19 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2016/07/02 23:47:19 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2016/07/02 23:47:18 | 000,862,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2016/07/02 23:47:18 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2016/07/02 23:47:18 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2016/07/02 23:47:17 | 000,264,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2016/07/02 23:47:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2016/07/02 23:47:15 | 003,231,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2016/07/02 23:47:15 | 002,973,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2016/07/02 23:47:15 | 001,867,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2016/07/02 23:47:15 | 001,499,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2016/07/02 23:47:13 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll
[2016/07/02 23:47:13 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll
[2016/07/02 23:47:13 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2016/07/02 23:47:13 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshrm.dll
[2016/07/02 23:47:13 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshrm.dll
[2016/07/02 23:47:12 | 003,180,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2016/07/02 23:47:12 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2016/07/02 23:47:12 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\els.dll
[2016/07/02 23:47:12 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\els.dll
[2016/07/02 23:47:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2016/07/02 23:47:11 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2016/07/02 23:45:19 | 003,243,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2016/07/02 23:45:19 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2016/07/02 23:45:19 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2016/07/02 23:45:19 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2016/07/02 23:45:19 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2016/07/02 23:45:19 | 000,114,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2016/07/02 23:45:19 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2016/07/02 23:45:19 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2016/07/02 23:40:54 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2016/07/01 12:49:47 | 000,000,000 | ---D | C] -- F:\Users\Bax2013\Documents\ProcAlyzer Dumps
[2016/07/01 12:04:45 | 000,821,920 | ---- | C] (Safer-Networking Ltd. ) -- C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
[2016/07/01 10:26:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2016/07/01 10:26:13 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2016/07/01 10:26:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2016/07/01 10:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2016/07/01 10:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2016/07/01 10:05:51 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2016/06/30 23:49:25 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\Doctor Web
[2016/06/30 10:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2016/06/30 10:34:44 | 000,000,000 | ---D | C] -- C:\rsit
[2016/06/30 09:35:11 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Enigma Software Group
[2016/06/30 09:35:08 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\Start Menu
[2016/06/30 09:02:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vbox
[2016/06/30 09:02:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vbox
[2016/06/29 13:57:18 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Firefox
[2016/06/29 13:57:18 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Local\Firefox
[2016/06/29 13:57:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firefox
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/07/28 22:57:53 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/07/28 22:52:13 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/07/28 22:51:22 | 000,000,874 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1391750300-441857230-858820617-1000Core.job
[2016/07/28 22:50:04 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/07/28 22:41:46 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1391750300-441857230-858820617-1000UA.job
[2016/07/28 22:41:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/07/28 10:02:05 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/07/28 10:02:05 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/07/28 09:54:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/07/26 21:05:23 | 001,691,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/07/26 21:05:23 | 000,660,758 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016/07/26 21:05:23 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/07/26 21:05:23 | 000,141,408 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016/07/26 21:05:23 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/07/26 21:05:23 | 000,103,060 | ---- | M] () -- C:\Windows\SysNative\perfh01B.dat
[2016/07/26 21:05:23 | 000,019,304 | ---- | M] () -- C:\Windows\SysNative\perfc01B.dat
[2016/07/26 21:00:45 | 4248,928,254 | -HS- | M] () -- C:\hiberfil.sys
[2016/07/25 11:15:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\Bax2013\Desktop\OTL.exe
[2016/07/21 12:06:15 | 000,000,706 | ---- | M] () -- F:\Users\Bax2013\Desktop\MediaCoder x64.lnk
[2016/07/19 22:00:47 | 000,000,812 | ---- | M] () -- C:\Users\Public\Desktop\MKVToolNix GUI.lnk
[2016/07/17 23:23:01 | 000,002,085 | ---- | M] () -- F:\Users\Bax2013\Desktop\Prvý používateľ - Chrome - kópia.lnk
[2016/07/17 14:56:52 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2016/07/15 23:13:13 | 000,390,642 | ---- | M] () -- F:\Users\Bax2013\Documents\viessman rud kopia vymaž.pdf
[2016/07/15 23:11:35 | 000,390,637 | ---- | M] () -- F:\Users\Bax2013\Documents\Viessman rudo kotol.pdf
[2016/07/15 22:07:41 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/07/15 22:07:41 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/07/13 23:09:58 | 000,060,825 | ---- | M] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ Obratyk 13.7.2016 vypis.pdf
[2016/07/13 23:08:56 | 000,063,354 | ---- | M] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ EUR platby do krajín SEPA, SR a v rámci SLSP Platby v cudzej mene v rámci SLSP_1611,62.pdf
[2016/07/13 23:08:26 | 000,036,462 | ---- | M] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ Detailyk 13.7.2016 .pdf
[2016/07/13 23:07:47 | 000,035,778 | ---- | M] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - ÚčtyAses managment13.07.2016.pdf
[2016/07/13 23:05:46 | 000,036,268 | ---- | M] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účtyzručenie5285,68.pdf
[2016/07/13 23:04:56 | 000,063,145 | ---- | M] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ EUR platby do krajín SEPA, SR a v rámci SLSP Platby v cudzej mene v rámci SLSP_641,3.pdf
[2016/07/13 07:45:29 | 000,453,077 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2016/07/11 23:35:14 | 000,001,147 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2016/07/09 10:00:01 | 000,000,312 | ---- | M] () -- C:\Users\Public\Documents\report.dat
[2016/07/07 16:21:45 | 000,001,059 | ---- | M] () -- F:\Users\Bax2013\Desktop\opera - odkaz.lnk
[2016/07/07 10:30:36 | 000,002,073 | ---- | M] () -- F:\Users\Bax2013\Desktop\Kyslé uhorky - Chrome.lnk
[2016/07/07 10:30:36 | 000,002,033 | ---- | M] () -- F:\Users\Bax2013\Desktop\Prvý používateľ - Chrome.lnk
[2016/07/06 22:47:02 | 000,001,366 | ---- | M] () -- C:\Users\Public\Desktop\Free Video Flip and Rotate.lnk
[2016/07/06 22:47:02 | 000,001,245 | ---- | M] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2016/07/05 09:15:39 | 000,017,312 | ---- | M] () -- F:\Users\Bax2013\Documents\OZ.veg
[2016/07/05 08:21:21 | 000,001,306 | ---- | M] () -- C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
[2016/07/04 23:17:57 | 000,001,017 | ---- | M] () -- C:\Users\Public\Desktop\PDF Architect 2.lnk
[2016/07/04 11:41:30 | 000,000,161 | ---- | M] () -- C:\Windows\AutoKMS.ini
[2016/07/04 11:41:29 | 000,077,824 | ---- | M] () -- C:\Windows\KMSEmulator.exe
[2016/07/03 14:17:52 | 000,340,080 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2016/07/03 00:05:11 | 000,292,004 | ---- | M] () -- C:\Windows\SysNative\perfi005.dat
[2016/07/03 00:05:11 | 000,036,232 | ---- | M] () -- C:\Windows\SysNative\perfd005.dat
[2016/07/03 00:04:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rdvgkmd.sys.mui
[2016/07/03 00:04:42 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tsusbhub.sys.mui
[2016/07/03 00:04:42 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\usbrpm.sys.mui
[2016/07/03 00:04:35 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\fvevol.sys.mui
[2016/07/03 00:04:28 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\cs-CZ\WpdMtpDr.dll.mui
[2016/07/03 00:04:24 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
[2016/07/03 00:04:23 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\nwifi.sys.mui
[2016/07/03 00:04:23 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\qwavedrv.sys.mui
[2016/07/03 00:04:20 | 000,009,728 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\cs-CZ\BrSerId.sys.mui
[2016/07/03 00:04:20 | 000,009,728 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\cs-CZ\BrSerIb.sys.mui
[2016/07/03 00:04:20 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\MTConfig.sys.mui
[2016/07/03 00:04:19 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\usbport.sys.mui
[2016/07/03 00:04:19 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\volsnap.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\processr.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\intelppm.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\amdppm.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\amdk8.sys.mui
[2016/07/03 00:04:19 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\usbhub.sys.mui
[2016/07/03 00:04:19 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\serial.sys.mui
[2016/07/03 00:04:19 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\battc.sys.mui
[2016/07/03 00:04:19 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\acpi.sys.mui
[2016/07/03 00:04:19 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\IPMIDrv.sys.mui
[2016/07/03 00:04:19 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\wacompen.sys.mui
[2016/07/03 00:04:19 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tpm.sys.mui
[2016/07/03 00:04:19 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\parport.sys.mui
[2016/07/03 00:04:19 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\umbus.sys.mui
[2016/07/03 00:04:19 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ataport.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\wd.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\disk.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\cdrom.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\amdide.sys.mui
[2016/07/03 00:04:18 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mpio.sys.mui
[2016/07/03 00:04:18 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ohci1394.sys.mui
[2016/07/03 00:04:18 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\1394ohci.sys.mui
[2016/07/03 00:04:18 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\i8042prt.sys.mui
[2016/07/03 00:04:18 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pci.sys.mui
[2016/07/03 00:04:18 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\msdsm.sys.mui
[2016/07/03 00:04:18 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bthport.sys.mui
[2016/07/03 00:04:18 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\cs-CZ\WUDFUsbccidDriver.dll.mui
[2016/07/03 00:04:18 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\sermouse.sys.mui
[2016/07/03 00:04:18 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\kbdclass.sys.mui
[2016/07/03 00:04:18 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bthpan.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vhdmp.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vdrvroot.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pcmcia.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mouclass.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\hdaudbus.sys.mui
[2016/07/03 00:04:18 | 000,003,584 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\cs-CZ\pscr.sys.mui
[2016/07/03 00:04:18 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\isapnp.sys.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mssmbios.sys.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\hidbth.sys.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\GAGP30KX.SYS.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\cs-CZ\atikmdag.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vwifibus.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ULIAGPKX.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\UAGP35.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pnpmem.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\NV_AGP.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mouhid.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\kbdhid.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\BTHUSB.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\AGP440.sys.mui
[2016/07/03 00:04:18 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bthenum.sys.mui
[2016/07/03 00:04:16 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tcpip.sys.mui
[2016/07/03 00:04:16 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tsusbflt.sys.mui
[2016/07/03 00:04:16 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\portcls.sys.mui
[2016/07/03 00:04:16 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\HdAudio.sys.mui
[2016/07/03 00:04:16 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rndismpx.sys.mui
[2016/07/03 00:04:16 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rndismp6.sys.mui
[2016/07/03 00:04:16 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\serscan.sys.mui
[2016/07/03 00:04:16 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\Dot4usb.sys.mui
[2016/07/03 00:04:16 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\cs-CZ\BrParwdm.sys.mui
[2016/07/03 00:04:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pacer.sys.mui
[2016/07/03 00:04:12 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rdpwd.sys.mui
[2016/07/03 00:04:09 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bfe.dll.mui
[2016/07/03 00:04:06 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\modem.sys.mui
[2016/07/03 00:04:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\volmgrx.sys.mui
[2016/07/03 00:04:05 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\afd.sys.mui
[2016/07/03 00:04:02 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tunnel.sys.mui
[2016/07/03 00:04:02 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\luafv.sys.mui
[2016/07/03 00:04:02 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rdbss.sys.mui
[2016/07/03 00:04:02 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
[2016/07/03 00:04:01 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ntfs.sys.mui
[2016/07/03 00:04:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
[2016/07/03 00:03:58 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\partmgr.sys.mui
[2016/07/03 00:03:57 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ndisuio.sys.mui
[2016/07/03 00:03:57 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mountmgr.sys.mui
[2016/07/03 00:03:54 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ndiscap.sys.mui
[2016/07/03 00:03:53 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
[2016/07/03 00:03:53 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\scfilter.sys.mui
[2016/07/03 00:03:50 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\fltmgr.sys.mui
[2016/07/03 00:03:49 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ndis.sys.mui
[2016/07/03 00:03:49 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\wdf01000.sys.mui
[2016/07/03 00:03:46 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
[2016/07/03 00:03:46 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
[2016/07/03 00:03:45 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\http.sys.mui
[2016/07/03 00:03:44 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ws2ifsl.sys.mui
[2016/07/02 23:56:33 | 000,766,336 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2016/07/01 12:58:30 | 000,453,077 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20160713-074529.backup
[2016/07/01 10:26:15 | 000,001,383 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2016/07/01 09:34:35 | 000,000,967 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20160701-125830.backup
[2016/06/30 09:35:36 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2016/06/30 09:31:20 | 000,022,704 | ---- | M] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2016/06/29 16:33:40 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/07/28 22:57:53 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/07/21 12:06:15 | 000,000,706 | ---- | C] () -- F:\Users\Bax2013\Desktop\MediaCoder x64.lnk
[2016/07/19 22:00:47 | 000,000,812 | ---- | C] () -- C:\Users\Public\Desktop\MKVToolNix GUI.lnk
[2016/07/17 23:21:07 | 000,002,085 | ---- | C] () -- F:\Users\Bax2013\Desktop\Prvý používateľ - Chrome - kópia.lnk
[2016/07/15 23:13:09 | 000,390,642 | ---- | C] () -- F:\Users\Bax2013\Documents\viessman rud kopia vymaž.pdf
[2016/07/15 23:11:30 | 000,390,637 | ---- | C] () -- F:\Users\Bax2013\Documents\Viessman rudo kotol.pdf
[2016/07/13 23:09:58 | 000,060,825 | ---- | C] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ Obratyk 13.7.2016 vypis.pdf
[2016/07/13 23:08:56 | 000,063,354 | ---- | C] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ EUR platby do krajín SEPA, SR a v rámci SLSP Platby v cudzej mene v rámci SLSP_1611,62.pdf
[2016/07/13 23:08:25 | 000,036,462 | ---- | C] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ Detailyk 13.7.2016 .pdf
[2016/07/13 23:07:47 | 000,035,778 | ---- | C] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - ÚčtyAses managment13.07.2016.pdf
[2016/07/13 23:05:46 | 000,036,268 | ---- | C] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účtyzručenie5285,68.pdf
[2016/07/13 23:04:55 | 000,063,145 | ---- | C] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ EUR platby do krajín SEPA, SR a v rámci SLSP Platby v cudzej mene v rámci SLSP_641,3.pdf
[2016/07/06 22:47:02 | 000,001,366 | ---- | C] () -- C:\Users\Public\Desktop\Free Video Flip and Rotate.lnk
[2016/07/06 22:47:02 | 000,001,245 | ---- | C] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2016/07/05 09:15:39 | 000,017,312 | ---- | C] () -- F:\Users\Bax2013\Documents\OZ.veg
[2016/07/04 11:40:23 | 000,077,824 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2016/07/03 14:18:43 | 000,103,060 | ---- | C] () -- C:\Windows\SysNative\perfh01B.dat
[2016/07/03 14:18:43 | 000,019,304 | ---- | C] () -- C:\Windows\SysNative\perfc01B.dat
[2016/07/03 14:18:42 | 000,292,004 | ---- | C] () -- C:\Windows\SysNative\perfi005.dat
[2016/07/03 14:18:41 | 000,660,758 | ---- | C] () -- C:\Windows\SysNative\perfh005.dat
[2016/07/03 14:18:41 | 000,141,408 | ---- | C] () -- C:\Windows\SysNative\perfc005.dat
[2016/07/03 14:18:41 | 000,036,232 | ---- | C] () -- C:\Windows\SysNative\perfd005.dat
[2016/07/01 10:26:15 | 000,001,395 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2016/07/01 10:26:15 | 000,001,383 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2016/06/30 09:35:36 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2016/06/30 09:31:20 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2016/03/06 21:48:53 | 000,000,041 | ---- | C] () -- C:\Windows\Wininit.ini
[2016/02/01 19:38:44 | 005,407,184 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2016/01/16 00:45:50 | 000,041,472 | ---- | C] () -- C:\Users\Bax2013\AppData\Local\Hexit.dat
[2016/01/16 00:45:50 | 000,000,187 | ---- | C] () -- C:\Users\Bax2013\AppData\Local\Hexit.exe.config
[2015/02/01 13:21:04 | 000,000,136 | ---- | C] () -- C:\Users\Bax2013\AppData\Local\configurator.xml
[2014/12/17 00:16:46 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2014/12/17 00:16:46 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2014/08/17 12:05:32 | 000,000,001 | ---- | C] () -- C:\Users\Bax2013\AppData\Local\llftool.4.40.agreement
[2014/07/22 18:53:30 | 000,001,206 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\CamStudio.Producer.ini
[2014/07/22 18:53:30 | 000,000,000 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\CamStudio.Producer.Data.ini
[2014/07/22 17:44:33 | 000,004,567 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\CamStudio.cfg
[2014/07/22 17:44:33 | 000,000,408 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\CamShapes.ini
[2014/07/22 17:44:33 | 000,000,408 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\CamLayout.ini
[2014/07/22 17:44:33 | 000,000,115 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\Camdata.ini
[2014/07/22 17:16:19 | 000,000,096 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\version2.xml
[2014/06/19 23:45:25 | 000,014,336 | ---- | C] () -- C:\Users\Bax2013\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/06/17 00:14:31 | 000,007,597 | ---- | C] () -- C:\Users\Bax2013\AppData\Local\Resmon.ResmonCfg
[2014/05/02 17:28:38 | 000,000,248 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\.ptbt1
[2014/02/27 23:46:54 | 000,000,000 | ---- | C] () -- C:\Users\Bax2013\regbcm
========== ZeroAccess Check ==========
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016/04/09 08:58:02 | 014,186,496 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/04/09 08:54:53 | 012,881,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[2016/07/25 11:15:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- F:\Users\Bax2013\Desktop\OTL.exe
[2016/07/21 12:06:15 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64
[2016/07/21 12:06:14 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Mediatronic
[2016/07/19 22:01:44 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Local\bunkus.org
[2016/07/19 22:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
[2016/07/17 23:11:06 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung
[2016/07/17 23:10:23 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2016/07/17 22:33:17 | 000,000,000 | ---D | C] -- C:\PCShareManagerUpload
[2016/07/17 22:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2016/07/17 14:56:41 | 000,213,088 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudserd.sys
[2016/07/17 14:56:41 | 000,213,088 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2016/07/17 14:56:41 | 000,120,416 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2016/07/17 10:46:05 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Kodi
[2016/07/17 10:20:57 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
[2016/07/16 23:39:06 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\.dvdcss
[2016/07/16 00:12:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
[2016/07/16 00:12:40 | 000,000,000 | ---D | C] -- C:\ProgramData\PMS
[2016/07/16 00:12:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PS3 Media Server
[2016/07/14 23:44:28 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Serviio-Console-Wrapper
[2016/07/14 23:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio
[2016/07/14 22:46:08 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Lavasoft
[2016/07/11 23:34:54 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2016/07/09 10:28:49 | 000,052,392 | ---- | C] (Elex do Brasil Participações Ltda) -- C:\Windows\SysNative\drivers\iSafeNetFilter.sys
[2016/07/09 09:13:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2016/07/09 00:13:28 | 000,000,000 | -H-D | C] -- C:\Users\Bax2013\AppData\Roaming\GoldenGate
[2016/07/09 00:13:28 | 000,000,000 | -H-D | C] -- C:\Users\Bax2013\AppData\Roaming\Booking_helper
[2016/07/06 22:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2016/07/06 22:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2016/07/06 22:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2016/07/06 22:29:18 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\DVDVideoSoft
[2016/07/06 11:46:43 | 000,055,056 | ---- | C] (Elex do Brasil Participações Ltda) -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[2016/07/05 08:19:28 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Local\AvastSupport
[2016/07/04 12:23:38 | 000,000,000 | ---D | C] -- F:\Users\Bax2013\Documents\aaaa
[2016/07/03 23:49:25 | 000,000,000 | ---D | C] -- F:\Users\Bax2013\Desktop\IKONY programov
[2016/07/03 14:26:57 | 000,994,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll
[2016/07/03 14:26:57 | 000,922,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll
[2016/07/03 14:26:57 | 000,063,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2016/07/03 14:26:57 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2016/07/03 14:26:57 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2016/07/03 14:26:57 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2016/07/03 14:26:57 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2016/07/03 14:26:57 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2016/07/03 14:26:57 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2016/07/03 14:26:57 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2016/07/03 14:26:57 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l2-1-0.dll
[2016/07/03 14:26:57 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l2-1-0.dll
[2016/07/03 14:26:56 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2016/07/03 14:26:56 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2016/07/03 14:26:56 | 000,020,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2016/07/03 14:26:56 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2016/07/03 14:26:56 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2016/07/03 14:26:56 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2016/07/03 14:26:56 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2016/07/03 14:26:56 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2016/07/03 14:26:56 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2016/07/03 14:26:56 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2016/07/03 14:26:56 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2016/07/03 14:26:56 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-2-0.dll
[2016/07/03 14:26:56 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-2-0.dll
[2016/07/03 14:26:56 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2016/07/03 14:26:56 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-2-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-2-0.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-1.dll
[2016/07/03 14:26:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-1.dll
[2016/07/03 14:26:56 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l2-1-0.dll
[2016/07/03 14:26:56 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l2-1-0.dll
[2016/07/03 14:26:56 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-timezone-l1-1-0.dll
[2016/07/03 14:26:56 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-timezone-l1-1-0.dll
[2016/07/03 14:26:56 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-2-0.dll
[2016/07/03 14:26:56 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-2-0.dll
[2016/07/03 00:30:29 | 000,000,000 | ---D | C] -- C:\Windows\EOONotify
[2016/07/03 00:30:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\cs
[2016/07/03 00:30:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2016/07/03 00:30:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\cs-CZ
[2016/07/03 00:30:24 | 000,000,000 | ---D | C] -- C:\Windows\cs-CZ
[2016/07/03 00:30:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\cs
[2016/07/03 00:30:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2016/07/03 00:04:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rdvgkmd.sys.mui
[2016/07/03 00:04:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tsusbhub.sys.mui
[2016/07/03 00:04:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\usbrpm.sys.mui
[2016/07/03 00:04:35 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\fvevol.sys.mui
[2016/07/03 00:04:24 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
[2016/07/03 00:04:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\nwifi.sys.mui
[2016/07/03 00:04:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\qwavedrv.sys.mui
[2016/07/03 00:04:20 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\cs-CZ\BrSerId.sys.mui
[2016/07/03 00:04:20 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\cs-CZ\BrSerIb.sys.mui
[2016/07/03 00:04:20 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\MTConfig.sys.mui
[2016/07/03 00:04:19 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\usbport.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\processr.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\intelppm.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\amdppm.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\amdk8.sys.mui
[2016/07/03 00:04:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\usbhub.sys.mui
[2016/07/03 00:04:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\serial.sys.mui
[2016/07/03 00:04:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\battc.sys.mui
[2016/07/03 00:04:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\acpi.sys.mui
[2016/07/03 00:04:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\IPMIDrv.sys.mui
[2016/07/03 00:04:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\wacompen.sys.mui
[2016/07/03 00:04:19 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tpm.sys.mui
[2016/07/03 00:04:19 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\parport.sys.mui
[2016/07/03 00:04:19 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\umbus.sys.mui
[2016/07/03 00:04:19 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ataport.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\wd.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\disk.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\cdrom.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\amdide.sys.mui
[2016/07/03 00:04:18 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mpio.sys.mui
[2016/07/03 00:04:18 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\volsnap.sys.mui
[2016/07/03 00:04:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ohci1394.sys.mui
[2016/07/03 00:04:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\1394ohci.sys.mui
[2016/07/03 00:04:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\i8042prt.sys.mui
[2016/07/03 00:04:18 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pci.sys.mui
[2016/07/03 00:04:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\msdsm.sys.mui
[2016/07/03 00:04:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bthport.sys.mui
[2016/07/03 00:04:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\sermouse.sys.mui
[2016/07/03 00:04:18 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\kbdclass.sys.mui
[2016/07/03 00:04:18 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bthpan.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vhdmp.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vdrvroot.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pcmcia.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mouclass.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\hdaudbus.sys.mui
[2016/07/03 00:04:18 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\cs-CZ\pscr.sys.mui
[2016/07/03 00:04:18 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\isapnp.sys.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mssmbios.sys.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\hidbth.sys.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\GAGP30KX.SYS.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\cs-CZ\atikmdag.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vwifibus.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ULIAGPKX.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\UAGP35.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pnpmem.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\NV_AGP.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mouhid.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\kbdhid.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\BTHUSB.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\AGP440.sys.mui
[2016/07/03 00:04:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bthenum.sys.mui
[2016/07/03 00:04:16 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tcpip.sys.mui
[2016/07/03 00:04:16 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tsusbflt.sys.mui
[2016/07/03 00:04:16 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\portcls.sys.mui
[2016/07/03 00:04:16 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\HdAudio.sys.mui
[2016/07/03 00:04:16 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rndismpx.sys.mui
[2016/07/03 00:04:16 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rndismp6.sys.mui
[2016/07/03 00:04:16 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\serscan.sys.mui
[2016/07/03 00:04:16 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\Dot4usb.sys.mui
[2016/07/03 00:04:16 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\cs-CZ\BrParwdm.sys.mui
[2016/07/03 00:04:12 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pacer.sys.mui
[2016/07/03 00:04:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rdpwd.sys.mui
[2016/07/03 00:04:09 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bfe.dll.mui
[2016/07/03 00:04:06 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\modem.sys.mui
[2016/07/03 00:04:06 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\volmgrx.sys.mui
[2016/07/03 00:04:05 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\afd.sys.mui
[2016/07/03 00:04:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tunnel.sys.mui
[2016/07/03 00:04:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\luafv.sys.mui
[2016/07/03 00:04:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rdbss.sys.mui
[2016/07/03 00:04:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
[2016/07/03 00:04:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ntfs.sys.mui
[2016/07/03 00:04:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
[2016/07/03 00:03:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\partmgr.sys.mui
[2016/07/03 00:03:57 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ndisuio.sys.mui
[2016/07/03 00:03:57 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mountmgr.sys.mui
[2016/07/03 00:03:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ndiscap.sys.mui
[2016/07/03 00:03:53 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
[2016/07/03 00:03:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\scfilter.sys.mui
[2016/07/03 00:03:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\fltmgr.sys.mui
[2016/07/03 00:03:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ndis.sys.mui
[2016/07/03 00:03:49 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\wdf01000.sys.mui
[2016/07/03 00:03:46 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
[2016/07/03 00:03:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
[2016/07/03 00:03:45 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\http.sys.mui
[2016/07/03 00:03:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ws2ifsl.sys.mui
[2016/07/02 23:49:25 | 000,725,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2016/07/02 23:49:25 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2016/07/02 23:49:25 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2016/07/02 23:49:25 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2016/07/02 23:49:25 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2016/07/02 23:49:25 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2016/07/02 23:49:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2016/07/02 23:49:25 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2016/07/02 23:49:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2016/07/02 23:49:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2016/07/02 23:49:25 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2016/07/02 23:49:25 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2016/07/02 23:49:25 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2016/07/02 23:49:24 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2016/07/02 23:49:24 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2016/07/02 23:49:24 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2016/07/02 23:49:24 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2016/07/02 23:49:24 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2016/07/02 23:49:24 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2016/07/02 23:49:24 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2016/07/02 23:49:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2016/07/02 23:49:23 | 002,131,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2016/07/02 23:49:23 | 000,806,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2016/07/02 23:49:23 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2016/07/02 23:49:23 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016/07/02 23:49:23 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2016/07/02 23:49:23 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2016/07/02 23:49:22 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2016/07/02 23:49:22 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2016/07/02 23:49:22 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2016/07/02 23:49:22 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2016/07/02 23:49:22 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2016/07/02 23:49:22 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2016/07/02 23:49:22 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2016/07/02 23:49:21 | 006,051,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2016/07/02 23:49:21 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2016/07/02 23:49:21 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2016/07/02 23:49:21 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2016/07/02 23:49:21 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2016/07/02 23:49:21 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2016/07/02 23:49:20 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2016/07/02 23:49:20 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2016/07/02 23:49:20 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2016/07/02 23:48:14 | 005,546,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2016/07/02 23:48:14 | 003,998,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2016/07/02 23:48:14 | 001,732,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2016/07/02 23:48:14 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2016/07/02 23:48:13 | 003,943,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2016/07/02 23:48:13 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2016/07/02 23:48:13 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2016/07/02 23:48:13 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2016/07/02 23:48:13 | 000,706,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2016/07/02 23:48:13 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2016/07/02 23:48:13 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2016/07/02 23:48:13 | 000,631,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2016/07/02 23:48:13 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2016/07/02 23:48:13 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2016/07/02 23:48:13 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2016/07/02 23:48:13 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2016/07/02 23:48:13 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2016/07/02 23:48:13 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2016/07/02 23:48:13 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2016/07/02 23:48:13 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2016/07/02 23:48:13 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2016/07/02 23:48:13 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2016/07/02 23:48:13 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2016/07/02 23:48:13 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2016/07/02 23:48:13 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2016/07/02 23:48:13 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2016/07/02 23:48:13 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2016/07/02 23:48:13 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2016/07/02 23:48:13 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2016/07/02 23:48:13 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2016/07/02 23:48:13 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2016/07/02 23:48:13 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2016/07/02 23:48:13 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2016/07/02 23:48:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2016/07/02 23:48:13 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2016/07/02 23:48:13 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2016/07/02 23:48:13 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2016/07/02 23:48:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2016/07/02 23:48:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2016/07/02 23:48:13 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2016/07/02 23:48:13 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2016/07/02 23:48:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2016/07/02 23:48:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2016/07/02 23:48:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2016/07/02 23:48:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2016/07/02 23:48:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2016/07/02 23:48:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2016/07/02 23:48:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2016/07/02 23:48:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2016/07/02 23:48:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2016/07/02 23:48:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2016/07/02 23:48:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2016/07/02 23:48:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2016/07/02 23:48:13 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2016/07/02 23:48:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2016/07/02 23:48:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2016/07/02 23:48:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2016/07/02 23:48:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2016/07/02 23:48:01 | 001,307,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2adec.dll
[2016/07/02 23:48:00 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2016/07/02 23:48:00 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2016/07/02 23:48:00 | 001,955,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2016/07/02 23:48:00 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2016/07/02 23:48:00 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2016/07/02 23:48:00 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOE.DLL
[2016/07/02 23:48:00 | 001,573,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2016/07/02 23:48:00 | 001,568,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2016/07/02 23:48:00 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2016/07/02 23:48:00 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2016/07/02 23:48:00 | 001,153,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOE.DLL
[2016/07/02 23:48:00 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2016/07/02 23:48:00 | 001,010,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2016/07/02 23:48:00 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2016/07/02 23:48:00 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2adec.dll
[2016/07/02 23:48:00 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2016/07/02 23:48:00 | 000,829,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2016/07/02 23:48:00 | 000,815,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOE.DLL
[2016/07/02 23:48:00 | 000,740,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2016/07/02 23:48:00 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2016/07/02 23:48:00 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2016/07/02 23:48:00 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2016/07/02 23:48:00 | 000,632,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2016/07/02 23:48:00 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2016/07/02 23:48:00 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2016/07/02 23:48:00 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\COLORCNV.DLL
[2016/07/02 23:48:00 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COLORCNV.DLL
[2016/07/02 23:47:59 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2016/07/02 23:47:59 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2016/07/02 23:47:59 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2016/07/02 23:47:59 | 001,325,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOE.DLL
[2016/07/02 23:47:59 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
[2016/07/02 23:47:59 | 000,653,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2016/07/02 23:47:59 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFWMAAEC.DLL
[2016/07/02 23:47:59 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2016/07/02 23:47:59 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFWMAAEC.DLL
[2016/07/02 23:47:59 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSENCD.DLL
[2016/07/02 23:47:59 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2016/07/02 23:47:59 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2016/07/02 23:47:59 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SysFxUI.dll
[2016/07/02 23:47:59 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2016/07/02 23:47:59 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSENCD.DLL
[2016/07/02 23:47:59 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2016/07/02 23:47:59 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VIDRESZR.DLL
[2016/07/02 23:47:59 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2016/07/02 23:47:59 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2016/07/02 23:47:59 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MPG4DECD.DLL
[2016/07/02 23:47:59 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP43DECD.DLL
[2016/07/02 23:47:59 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2016/07/02 23:47:59 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RESAMPLEDMO.DLL
[2016/07/02 23:47:59 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MPG4DECD.DLL
[2016/07/02 23:47:59 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP43DECD.DLL
[2016/07/02 23:47:59 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RESAMPLEDMO.DLL
[2016/07/02 23:47:59 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2016/07/02 23:47:59 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2016/07/02 23:47:59 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2016/07/02 23:47:59 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VIDRESZR.DLL
[2016/07/02 23:47:59 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2016/07/02 23:47:59 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2016/07/02 23:47:59 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP3DMOD.DLL
[2016/07/02 23:47:59 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP3DMOD.DLL
[2016/07/02 23:47:59 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devenum.dll
[2016/07/02 23:47:59 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfvdsp.dll
[2016/07/02 23:47:59 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devenum.dll
[2016/07/02 23:47:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2016/07/02 23:47:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfvdsp.dll
[2016/07/02 23:47:59 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2016/07/02 23:47:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2016/07/02 23:47:59 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2016/07/02 23:47:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksuser.dll
[2016/07/02 23:47:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2016/07/02 23:47:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2016/07/02 23:47:56 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2016/07/02 23:47:56 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2016/07/02 23:47:56 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2016/07/02 23:47:56 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2016/07/02 23:47:55 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
[2016/07/02 23:47:55 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxoci.dll
[2016/07/02 23:47:55 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxoci.dll
[2016/07/02 23:47:43 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
[2016/07/02 23:47:43 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll
[2016/07/02 23:47:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdgeoqw.dll
[2016/07/02 23:47:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDAZEL.DLL
[2016/07/02 23:47:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDAZE.DLL
[2016/07/02 23:47:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDAZE.DLL
[2016/07/02 23:47:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdgeoqw.dll
[2016/07/02 23:47:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDAZEL.DLL
[2016/07/02 23:47:38 | 001,413,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2016/07/02 23:47:38 | 001,204,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2016/07/02 23:47:38 | 000,569,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2016/07/02 23:47:38 | 000,544,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2016/07/02 23:47:38 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2016/07/02 23:47:38 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\centel.dll
[2016/07/02 23:47:38 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2016/07/02 23:47:38 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2016/07/02 23:47:38 | 000,041,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2016/07/02 23:47:33 | 014,634,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2016/07/02 23:47:32 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2016/07/02 23:47:32 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2016/07/02 23:47:32 | 011,411,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2016/07/02 23:47:32 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2016/07/02 23:47:32 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2016/07/02 23:47:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2016/07/02 23:47:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2016/07/02 23:47:32 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2016/07/02 23:47:32 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2016/07/02 23:47:28 | 000,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2016/07/02 23:47:26 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2016/07/02 23:47:26 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2016/07/02 23:47:26 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jnwmon.dll
[2016/07/02 23:47:24 | 001,735,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2016/07/02 23:47:24 | 000,525,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\catsrvut.dll
[2016/07/02 23:47:23 | 001,242,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2016/07/02 23:47:23 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\catsrvut.dll
[2016/07/02 23:47:23 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2016/07/02 23:47:23 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe
[2016/07/02 23:47:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netbtugc.exe
[2016/07/02 23:47:22 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpprefcl.dll
[2016/07/02 23:47:22 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpprefcl.dll
[2016/07/02 23:47:22 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\polstore.dll
[2016/07/02 23:47:22 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\polstore.dll
[2016/07/02 23:47:22 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winipsec.dll
[2016/07/02 23:47:22 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2016/07/02 23:47:22 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
[2016/07/02 23:47:22 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winipsec.dll
[2016/07/02 23:47:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2016/07/02 23:47:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpscript.dll
[2016/07/02 23:47:22 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpscript.dll
[2016/07/02 23:47:22 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpscript.exe
[2016/07/02 23:47:22 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpscript.exe
[2016/07/02 23:47:20 | 000,624,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2016/07/02 23:47:20 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2016/07/02 23:47:20 | 000,396,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2016/07/02 23:47:20 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2016/07/02 23:47:20 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2016/07/02 23:47:20 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2016/07/02 23:47:19 | 000,382,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2016/07/02 23:47:19 | 000,308,456 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2016/07/02 23:47:19 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2016/07/02 23:47:19 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2016/07/02 23:47:19 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2016/07/02 23:47:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2016/07/02 23:47:19 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2016/07/02 23:47:19 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2016/07/02 23:47:18 | 000,862,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2016/07/02 23:47:18 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2016/07/02 23:47:18 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2016/07/02 23:47:17 | 000,264,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2016/07/02 23:47:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2016/07/02 23:47:15 | 003,231,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2016/07/02 23:47:15 | 002,973,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2016/07/02 23:47:15 | 001,867,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2016/07/02 23:47:15 | 001,499,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2016/07/02 23:47:13 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll
[2016/07/02 23:47:13 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll
[2016/07/02 23:47:13 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2016/07/02 23:47:13 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshrm.dll
[2016/07/02 23:47:13 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshrm.dll
[2016/07/02 23:47:12 | 003,180,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2016/07/02 23:47:12 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2016/07/02 23:47:12 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\els.dll
[2016/07/02 23:47:12 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\els.dll
[2016/07/02 23:47:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2016/07/02 23:47:11 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2016/07/02 23:45:19 | 003,243,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2016/07/02 23:45:19 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2016/07/02 23:45:19 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2016/07/02 23:45:19 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2016/07/02 23:45:19 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2016/07/02 23:45:19 | 000,114,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2016/07/02 23:45:19 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2016/07/02 23:45:19 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2016/07/02 23:40:54 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2016/07/01 12:49:47 | 000,000,000 | ---D | C] -- F:\Users\Bax2013\Documents\ProcAlyzer Dumps
[2016/07/01 12:04:45 | 000,821,920 | ---- | C] (Safer-Networking Ltd. ) -- C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
[2016/07/01 10:26:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2016/07/01 10:26:13 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2016/07/01 10:26:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2016/07/01 10:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2016/07/01 10:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2016/07/01 10:05:51 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2016/06/30 23:49:25 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\Doctor Web
[2016/06/30 10:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2016/06/30 10:34:44 | 000,000,000 | ---D | C] -- C:\rsit
[2016/06/30 09:35:11 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Enigma Software Group
[2016/06/30 09:35:08 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\Start Menu
[2016/06/30 09:02:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vbox
[2016/06/30 09:02:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vbox
[2016/06/29 13:57:18 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Roaming\Firefox
[2016/06/29 13:57:18 | 000,000,000 | ---D | C] -- C:\Users\Bax2013\AppData\Local\Firefox
[2016/06/29 13:57:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firefox
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/07/28 22:57:53 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/07/28 22:52:13 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/07/28 22:51:22 | 000,000,874 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1391750300-441857230-858820617-1000Core.job
[2016/07/28 22:50:04 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/07/28 22:41:46 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1391750300-441857230-858820617-1000UA.job
[2016/07/28 22:41:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/07/28 10:02:05 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/07/28 10:02:05 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/07/28 09:54:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/07/26 21:05:23 | 001,691,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/07/26 21:05:23 | 000,660,758 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016/07/26 21:05:23 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/07/26 21:05:23 | 000,141,408 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016/07/26 21:05:23 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/07/26 21:05:23 | 000,103,060 | ---- | M] () -- C:\Windows\SysNative\perfh01B.dat
[2016/07/26 21:05:23 | 000,019,304 | ---- | M] () -- C:\Windows\SysNative\perfc01B.dat
[2016/07/26 21:00:45 | 4248,928,254 | -HS- | M] () -- C:\hiberfil.sys
[2016/07/25 11:15:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\Bax2013\Desktop\OTL.exe
[2016/07/21 12:06:15 | 000,000,706 | ---- | M] () -- F:\Users\Bax2013\Desktop\MediaCoder x64.lnk
[2016/07/19 22:00:47 | 000,000,812 | ---- | M] () -- C:\Users\Public\Desktop\MKVToolNix GUI.lnk
[2016/07/17 23:23:01 | 000,002,085 | ---- | M] () -- F:\Users\Bax2013\Desktop\Prvý používateľ - Chrome - kópia.lnk
[2016/07/17 14:56:52 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2016/07/15 23:13:13 | 000,390,642 | ---- | M] () -- F:\Users\Bax2013\Documents\viessman rud kopia vymaž.pdf
[2016/07/15 23:11:35 | 000,390,637 | ---- | M] () -- F:\Users\Bax2013\Documents\Viessman rudo kotol.pdf
[2016/07/15 22:07:41 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/07/15 22:07:41 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/07/13 23:09:58 | 000,060,825 | ---- | M] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ Obratyk 13.7.2016 vypis.pdf
[2016/07/13 23:08:56 | 000,063,354 | ---- | M] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ EUR platby do krajín SEPA, SR a v rámci SLSP Platby v cudzej mene v rámci SLSP_1611,62.pdf
[2016/07/13 23:08:26 | 000,036,462 | ---- | M] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ Detailyk 13.7.2016 .pdf
[2016/07/13 23:07:47 | 000,035,778 | ---- | M] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - ÚčtyAses managment13.07.2016.pdf
[2016/07/13 23:05:46 | 000,036,268 | ---- | M] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účtyzručenie5285,68.pdf
[2016/07/13 23:04:56 | 000,063,145 | ---- | M] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ EUR platby do krajín SEPA, SR a v rámci SLSP Platby v cudzej mene v rámci SLSP_641,3.pdf
[2016/07/13 07:45:29 | 000,453,077 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2016/07/11 23:35:14 | 000,001,147 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2016/07/09 10:00:01 | 000,000,312 | ---- | M] () -- C:\Users\Public\Documents\report.dat
[2016/07/07 16:21:45 | 000,001,059 | ---- | M] () -- F:\Users\Bax2013\Desktop\opera - odkaz.lnk
[2016/07/07 10:30:36 | 000,002,073 | ---- | M] () -- F:\Users\Bax2013\Desktop\Kyslé uhorky - Chrome.lnk
[2016/07/07 10:30:36 | 000,002,033 | ---- | M] () -- F:\Users\Bax2013\Desktop\Prvý používateľ - Chrome.lnk
[2016/07/06 22:47:02 | 000,001,366 | ---- | M] () -- C:\Users\Public\Desktop\Free Video Flip and Rotate.lnk
[2016/07/06 22:47:02 | 000,001,245 | ---- | M] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2016/07/05 09:15:39 | 000,017,312 | ---- | M] () -- F:\Users\Bax2013\Documents\OZ.veg
[2016/07/05 08:21:21 | 000,001,306 | ---- | M] () -- C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
[2016/07/04 23:17:57 | 000,001,017 | ---- | M] () -- C:\Users\Public\Desktop\PDF Architect 2.lnk
[2016/07/04 11:41:30 | 000,000,161 | ---- | M] () -- C:\Windows\AutoKMS.ini
[2016/07/04 11:41:29 | 000,077,824 | ---- | M] () -- C:\Windows\KMSEmulator.exe
[2016/07/03 14:17:52 | 000,340,080 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2016/07/03 00:05:11 | 000,292,004 | ---- | M] () -- C:\Windows\SysNative\perfi005.dat
[2016/07/03 00:05:11 | 000,036,232 | ---- | M] () -- C:\Windows\SysNative\perfd005.dat
[2016/07/03 00:04:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rdvgkmd.sys.mui
[2016/07/03 00:04:42 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tsusbhub.sys.mui
[2016/07/03 00:04:42 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\usbrpm.sys.mui
[2016/07/03 00:04:35 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\fvevol.sys.mui
[2016/07/03 00:04:28 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\cs-CZ\WpdMtpDr.dll.mui
[2016/07/03 00:04:24 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
[2016/07/03 00:04:23 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\nwifi.sys.mui
[2016/07/03 00:04:23 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\qwavedrv.sys.mui
[2016/07/03 00:04:20 | 000,009,728 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\cs-CZ\BrSerId.sys.mui
[2016/07/03 00:04:20 | 000,009,728 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\cs-CZ\BrSerIb.sys.mui
[2016/07/03 00:04:20 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\MTConfig.sys.mui
[2016/07/03 00:04:19 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\usbport.sys.mui
[2016/07/03 00:04:19 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\volsnap.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\processr.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\intelppm.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\amdppm.sys.mui
[2016/07/03 00:04:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\amdk8.sys.mui
[2016/07/03 00:04:19 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\usbhub.sys.mui
[2016/07/03 00:04:19 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\serial.sys.mui
[2016/07/03 00:04:19 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\battc.sys.mui
[2016/07/03 00:04:19 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\acpi.sys.mui
[2016/07/03 00:04:19 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\IPMIDrv.sys.mui
[2016/07/03 00:04:19 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\wacompen.sys.mui
[2016/07/03 00:04:19 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tpm.sys.mui
[2016/07/03 00:04:19 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\parport.sys.mui
[2016/07/03 00:04:19 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\umbus.sys.mui
[2016/07/03 00:04:19 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ataport.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\wd.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\disk.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\cdrom.sys.mui
[2016/07/03 00:04:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\amdide.sys.mui
[2016/07/03 00:04:18 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mpio.sys.mui
[2016/07/03 00:04:18 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ohci1394.sys.mui
[2016/07/03 00:04:18 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\1394ohci.sys.mui
[2016/07/03 00:04:18 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\i8042prt.sys.mui
[2016/07/03 00:04:18 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pci.sys.mui
[2016/07/03 00:04:18 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\msdsm.sys.mui
[2016/07/03 00:04:18 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bthport.sys.mui
[2016/07/03 00:04:18 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\cs-CZ\WUDFUsbccidDriver.dll.mui
[2016/07/03 00:04:18 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\sermouse.sys.mui
[2016/07/03 00:04:18 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\kbdclass.sys.mui
[2016/07/03 00:04:18 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bthpan.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vhdmp.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vdrvroot.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pcmcia.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mouclass.sys.mui
[2016/07/03 00:04:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\hdaudbus.sys.mui
[2016/07/03 00:04:18 | 000,003,584 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\cs-CZ\pscr.sys.mui
[2016/07/03 00:04:18 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\isapnp.sys.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mssmbios.sys.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\hidbth.sys.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\GAGP30KX.SYS.mui
[2016/07/03 00:04:18 | 000,003,072 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\cs-CZ\atikmdag.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vwifibus.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ULIAGPKX.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\UAGP35.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pnpmem.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\NV_AGP.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mouhid.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\kbdhid.sys.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\BTHUSB.SYS.mui
[2016/07/03 00:04:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\AGP440.sys.mui
[2016/07/03 00:04:18 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bthenum.sys.mui
[2016/07/03 00:04:16 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tcpip.sys.mui
[2016/07/03 00:04:16 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tsusbflt.sys.mui
[2016/07/03 00:04:16 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\portcls.sys.mui
[2016/07/03 00:04:16 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\HdAudio.sys.mui
[2016/07/03 00:04:16 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rndismpx.sys.mui
[2016/07/03 00:04:16 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rndismp6.sys.mui
[2016/07/03 00:04:16 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\serscan.sys.mui
[2016/07/03 00:04:16 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\Dot4usb.sys.mui
[2016/07/03 00:04:16 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\cs-CZ\BrParwdm.sys.mui
[2016/07/03 00:04:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\pacer.sys.mui
[2016/07/03 00:04:12 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rdpwd.sys.mui
[2016/07/03 00:04:09 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\bfe.dll.mui
[2016/07/03 00:04:06 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\modem.sys.mui
[2016/07/03 00:04:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\volmgrx.sys.mui
[2016/07/03 00:04:05 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\afd.sys.mui
[2016/07/03 00:04:02 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\tunnel.sys.mui
[2016/07/03 00:04:02 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\luafv.sys.mui
[2016/07/03 00:04:02 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\rdbss.sys.mui
[2016/07/03 00:04:02 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
[2016/07/03 00:04:01 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ntfs.sys.mui
[2016/07/03 00:04:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
[2016/07/03 00:03:58 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\partmgr.sys.mui
[2016/07/03 00:03:57 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ndisuio.sys.mui
[2016/07/03 00:03:57 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\mountmgr.sys.mui
[2016/07/03 00:03:54 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ndiscap.sys.mui
[2016/07/03 00:03:53 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
[2016/07/03 00:03:53 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\scfilter.sys.mui
[2016/07/03 00:03:50 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\fltmgr.sys.mui
[2016/07/03 00:03:49 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ndis.sys.mui
[2016/07/03 00:03:49 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\wdf01000.sys.mui
[2016/07/03 00:03:46 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
[2016/07/03 00:03:46 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
[2016/07/03 00:03:45 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\http.sys.mui
[2016/07/03 00:03:44 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\ws2ifsl.sys.mui
[2016/07/02 23:56:33 | 000,766,336 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2016/07/01 12:58:30 | 000,453,077 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20160713-074529.backup
[2016/07/01 10:26:15 | 000,001,383 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2016/07/01 09:34:35 | 000,000,967 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20160701-125830.backup
[2016/06/30 09:35:36 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2016/06/30 09:31:20 | 000,022,704 | ---- | M] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2016/06/29 16:33:40 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/07/28 22:57:53 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/07/21 12:06:15 | 000,000,706 | ---- | C] () -- F:\Users\Bax2013\Desktop\MediaCoder x64.lnk
[2016/07/19 22:00:47 | 000,000,812 | ---- | C] () -- C:\Users\Public\Desktop\MKVToolNix GUI.lnk
[2016/07/17 23:21:07 | 000,002,085 | ---- | C] () -- F:\Users\Bax2013\Desktop\Prvý používateľ - Chrome - kópia.lnk
[2016/07/15 23:13:09 | 000,390,642 | ---- | C] () -- F:\Users\Bax2013\Documents\viessman rud kopia vymaž.pdf
[2016/07/15 23:11:30 | 000,390,637 | ---- | C] () -- F:\Users\Bax2013\Documents\Viessman rudo kotol.pdf
[2016/07/13 23:09:58 | 000,060,825 | ---- | C] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ Obratyk 13.7.2016 vypis.pdf
[2016/07/13 23:08:56 | 000,063,354 | ---- | C] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ EUR platby do krajín SEPA, SR a v rámci SLSP Platby v cudzej mene v rámci SLSP_1611,62.pdf
[2016/07/13 23:08:25 | 000,036,462 | ---- | C] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ Detailyk 13.7.2016 .pdf
[2016/07/13 23:07:47 | 000,035,778 | ---- | C] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - ÚčtyAses managment13.07.2016.pdf
[2016/07/13 23:05:46 | 000,036,268 | ---- | C] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účtyzručenie5285,68.pdf
[2016/07/13 23:04:55 | 000,063,145 | ---- | C] () -- F:\Users\Bax2013\Documents\Internetbanking SLSP, a.s. - Účty _ EUR platby do krajín SEPA, SR a v rámci SLSP Platby v cudzej mene v rámci SLSP_641,3.pdf
[2016/07/06 22:47:02 | 000,001,366 | ---- | C] () -- C:\Users\Public\Desktop\Free Video Flip and Rotate.lnk
[2016/07/06 22:47:02 | 000,001,245 | ---- | C] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2016/07/05 09:15:39 | 000,017,312 | ---- | C] () -- F:\Users\Bax2013\Documents\OZ.veg
[2016/07/04 11:40:23 | 000,077,824 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2016/07/03 14:18:43 | 000,103,060 | ---- | C] () -- C:\Windows\SysNative\perfh01B.dat
[2016/07/03 14:18:43 | 000,019,304 | ---- | C] () -- C:\Windows\SysNative\perfc01B.dat
[2016/07/03 14:18:42 | 000,292,004 | ---- | C] () -- C:\Windows\SysNative\perfi005.dat
[2016/07/03 14:18:41 | 000,660,758 | ---- | C] () -- C:\Windows\SysNative\perfh005.dat
[2016/07/03 14:18:41 | 000,141,408 | ---- | C] () -- C:\Windows\SysNative\perfc005.dat
[2016/07/03 14:18:41 | 000,036,232 | ---- | C] () -- C:\Windows\SysNative\perfd005.dat
[2016/07/01 10:26:15 | 000,001,395 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2016/07/01 10:26:15 | 000,001,383 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2016/06/30 09:35:36 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2016/06/30 09:31:20 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2016/03/06 21:48:53 | 000,000,041 | ---- | C] () -- C:\Windows\Wininit.ini
[2016/02/01 19:38:44 | 005,407,184 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2016/01/16 00:45:50 | 000,041,472 | ---- | C] () -- C:\Users\Bax2013\AppData\Local\Hexit.dat
[2016/01/16 00:45:50 | 000,000,187 | ---- | C] () -- C:\Users\Bax2013\AppData\Local\Hexit.exe.config
[2015/02/01 13:21:04 | 000,000,136 | ---- | C] () -- C:\Users\Bax2013\AppData\Local\configurator.xml
[2014/12/17 00:16:46 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2014/12/17 00:16:46 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2014/08/17 12:05:32 | 000,000,001 | ---- | C] () -- C:\Users\Bax2013\AppData\Local\llftool.4.40.agreement
[2014/07/22 18:53:30 | 000,001,206 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\CamStudio.Producer.ini
[2014/07/22 18:53:30 | 000,000,000 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\CamStudio.Producer.Data.ini
[2014/07/22 17:44:33 | 000,004,567 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\CamStudio.cfg
[2014/07/22 17:44:33 | 000,000,408 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\CamShapes.ini
[2014/07/22 17:44:33 | 000,000,408 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\CamLayout.ini
[2014/07/22 17:44:33 | 000,000,115 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\Camdata.ini
[2014/07/22 17:16:19 | 000,000,096 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\version2.xml
[2014/06/19 23:45:25 | 000,014,336 | ---- | C] () -- C:\Users\Bax2013\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/06/17 00:14:31 | 000,007,597 | ---- | C] () -- C:\Users\Bax2013\AppData\Local\Resmon.ResmonCfg
[2014/05/02 17:28:38 | 000,000,248 | ---- | C] () -- C:\Users\Bax2013\AppData\Roaming\.ptbt1
[2014/02/27 23:46:54 | 000,000,000 | ---- | C] () -- C:\Users\Bax2013\regbcm
========== ZeroAccess Check ==========
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016/04/09 08:58:02 | 014,186,496 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/04/09 08:54:53 | 012,881,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
Re: Prosím o kontrolu CPU 100%
========== LOP Check ==========
[2014/02/26 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ACD Systems
[2016/05/09 14:08:28 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Ancestry
[2014/02/27 23:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\AnvSoft
[2014/02/26 17:25:35 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\AVAST Software
[2016/07/07 23:15:44 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\avidemux
[2015/04/28 23:07:33 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\BitTorrent Sync
[2016/07/09 00:13:32 | 000,000,000 | -H-D | M] -- C:\Users\Bax2013\AppData\Roaming\Booking_helper
[2014/05/11 22:59:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Broad Intelligence
[2014/02/26 18:01:53 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\CadSoft
[2014/02/26 18:01:53 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\calibre
[2014/11/10 13:07:19 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Canon
[2014/02/28 18:43:54 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DAEMON Tools Pro
[2014/02/26 20:24:03 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DeepBurner
[2016/07/26 20:59:27 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DMCache
[2016/07/11 23:34:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Dropbox
[2016/07/06 22:47:13 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DVDVideoSoft
[2016/05/22 17:32:02 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\eCyber
[2016/05/26 16:09:08 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Elex-tech
[2014/05/03 17:50:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\eM Client
[2016/06/30 09:35:11 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Enigma Software Group
[2015/03/09 00:08:22 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Faktury Plus
[2016/06/29 13:57:18 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Firefox
[2014/08/04 15:32:59 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\FLV and Media Player
[2014/02/26 17:33:34 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\GHISLER
[2016/07/09 00:13:31 | 000,000,000 | -H-D | M] -- C:\Users\Bax2013\AppData\Roaming\GoldenGate
[2015/03/29 14:49:22 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Goldstarway Trading
[2014/07/19 08:47:56 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\GrabPro
[2016/07/28 22:42:12 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\IDM
[2014/07/23 22:00:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\IGC
[2014/05/13 21:10:02 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ImgBurn
[2016/07/23 09:27:46 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Kodi
[2015/03/08 10:53:11 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Kopsik
[2014/04/08 10:02:14 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\LightComp
[2014/09/14 13:48:44 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Maxthon3
[2014/02/27 23:01:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\MechCAD
[2016/07/21 12:06:14 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Mediatronic
[2016/07/02 00:47:28 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\MPC-HC
[2014/11/30 14:55:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\MPEG Streamclip
[2016/01/16 00:44:48 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\mysites123
[2014/06/23 16:33:01 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\NetBeans
[2015/05/10 16:35:32 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\NymTec
[2014/02/26 18:01:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Opera
[2014/04/15 21:20:19 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Oracle
[2016/01/15 23:35:18 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Orbit
[2014/02/27 16:35:03 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\PDF Architect
[2014/12/17 10:51:11 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\PDF Architect 2
[2015/08/09 21:37:42 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\pdfforge
[2014/07/19 08:47:58 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ProgSense
[2016/06/29 13:55:52 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\qksee
[2014/07/22 11:13:27 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Replay Media Catcher 5
[2014/12/18 18:33:14 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Samsung
[2014/03/05 12:46:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ScanSoft
[2016/07/14 23:54:17 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Serviio-Console-Wrapper
[2015/12/22 00:14:19 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Solveig Multimedia
[2016/06/19 20:21:31 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Sony
[2016/06/27 16:53:31 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Swiftdata
[2015/06/19 23:01:43 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\systweak
[2016/01/16 00:55:22 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Tencent
[2014/04/20 11:58:58 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TP-LINK
[2014/02/27 23:17:38 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TreeCardGames
[2015/11/21 01:05:12 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TrueCrypt
[2014/02/26 18:52:50 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TuneUp Software
[2016/05/26 16:10:08 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Uncheckit
[2015/01/08 17:14:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\uTorrent
[2014/02/27 23:15:46 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\VDownloader
[2014/03/03 18:25:21 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\VitySoft
[2015/02/01 12:32:51 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\VOWSoft
[2016/05/26 16:03:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\WinZiper
[2014/04/20 11:42:17 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Xirrus
[2015/08/31 15:56:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\XMedia Recode
[2014/08/18 14:56:38 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\XnView
[2014/03/05 12:43:42 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Zeon
[2016/01/18 17:03:54 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,540 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014/03/21 12:06:20 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/04/15 22:31:00 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/04/15 22:31:00 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015/06/19 22:51:44 | 000,000,874 | ---- | C] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1391750300-441857230-858820617-1000Core.job
[2015/06/19 22:51:44 | 000,000,926 | ---- | C] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1391750300-441857230-858820617-1000UA.job
< >
< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2015/02/03 05:50:56 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=00D0F7BA3B27126A3E25B540979A9F39 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_d492bbeccaa14239\cryptsvc.dll
[2015/04/27 21:17:29 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=0925E2BEAC4493C887099F850D69BA3B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.23040_none_d48a91becaa8aac3\cryptsvc.dll
[2010/11/21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2015/02/03 05:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=1CD76A83B9E8E9A5A3519B39E28354D9 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_d4021b35b189f3e7\cryptsvc.dll
[2013/05/10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2015/04/27 21:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=33F67BBCC3C0499D3F3382473114CFA8 -- C:\Windows\SysWOW64\cryptsvc.dll
[2015/04/27 21:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=33F67BBCC3C0499D3F3382473114CFA8 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18839_none_77f653d3f91d2e9f\cryptsvc.dll
[2013/05/13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2015/02/03 05:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=49474B3E37969AF4B5C076F42B623AFF -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_77e37fb1f92c82b1\cryptsvc.dll
[2013/10/05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2015/04/27 20:55:50 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=59AF628BEF750EE470FD36751CA52137 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.23040_none_786bf63b124b398d\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2015/04/27 21:23:13 | 000,188,416 | ---- | M] (Microsoft Corporation) MD5=7BC3E861F7E8EB543A630090FAE779E0 -- C:\Windows\SysNative\cryptsvc.dll
[2015/04/27 21:23:13 | 000,188,416 | ---- | M] (Microsoft Corporation) MD5=7BC3E861F7E8EB543A630090FAE779E0 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18839_none_d414ef57b17a9fd5\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013/05/10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010/11/21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2015/02/03 05:31:49 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=B97E16D36DB7B7DD22C97857506FA58A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_787420691243d103\cryptsvc.dll
[2013/05/10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013/10/05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2014/06/24 10:42:02 | 004,818,848 | ---- | M] (Safer-Networking Ltd.) MD5=280C014187E24860A7C860329513208F -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2016/04/09 07:44:07 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=3DA48EA028AD771C5B71727F0C3984E9 -- C:\Windows\SysWOW64\explorer.exe
[2016/04/09 07:44:07 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=3DA48EA028AD771C5B71727F0C3984E9 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23418_none_babcc36addd6f915\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2016/04/09 07:53:40 | 003,231,232 | ---- | M] (Microsoft Corporation) MD5=9DA3B83F80E205B6C601EEE1312FD0A0 -- C:\Windows\explorer.exe
[2016/04/09 07:53:40 | 003,231,232 | ---- | M] (Microsoft Corporation) MD5=9DA3B83F80E205B6C601EEE1312FD0A0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23418_none_b0681918a976371a\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2015/07/15 20:10:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0D48E93C6BE3143C0198CB252B992D16 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18933_none_0459e0df737bef3f\lsass.exe
[2015/10/20 03:10:48 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0F3591FD0F246CD5941B6DC8184E66B7 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23250_none_04cab6fc8cacab4f\lsass.exe
[2016/03/16 01:00:44 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=12B9792DEA6AD9C344DE2A5FE308B7A9 -- C:\Windows\SoftwareDistribution\Download\a95349a7394491dd8878de051fa61ec5\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23390_none_049f79328ccd183a\lsass.exe
[2015/05/25 20:18:19 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=17A6A9AAD04CCC6EE53290585BFC43AF -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18869_none_043f70f1738eddf5\lsass.exe
[2015/01/14 08:04:46 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=1E31700D9C9E0FB79999D02A8437482C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18717_none_04737e137368226b\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18637_none_045ddc5573785d26\lsass.exe
[2015/05/25 20:21:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=2A953A1104439BA166FD63A5806A16DF -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23072_none_04b713ec8cbb1b91\lsass.exe
[2015/10/20 03:04:53 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=2BC45F4CF55B45BDD650828192F132B8 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.19045_none_0450e9a973827120\lsass.exe
[2015/07/15 05:19:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=2CCFA4793B9696F26214634300FE8B37 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23126_none_04f126968c8ef25f\lsass.exe
[2015/07/15 20:08:44 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=31359EDA482F9A4C5DB36741596550AC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23136_none_04e656aa8c970e50\lsass.exe
[2014/09/19 11:42:18 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=341655B216721D89CADE9DEA2F33872F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18606_none_047d4bcf7360effc\lsass.exe
[2015/08/05 19:55:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=3E9BDCA3994E2B6B6AC16BAA76722934 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18951_none_04424073738df473\lsass.exe
[2015/04/04 05:20:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=4C3FAC816925F73A34AD52F1F7C0A7EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18812_none_046e7e87736ca0df\lsass.exe
[2013/09/25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2015/10/16 20:04:04 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=50996040C28F2E644F7270D2A3BE2BC8 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.19043_none_044ee91573843e72\lsass.exe
[2016/04/09 07:43:20 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=54C0E3156872881F6AB017210278E27E -- C:\Windows\SysNative\lsass.exe
[2016/04/09 07:43:20 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=54C0E3156872881F6AB017210278E27E -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23418_none_04fdfcc88c850091\lsass.exe
[2016/01/22 06:57:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=5673794F254FE312AF62D9DA32805A2F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.19135_none_045bbb7b737a5256\lsass.exe
[2016/03/17 23:35:42 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=626BE7CD27F44185AA4DCD3603830312 -- C:\Windows\SoftwareDistribution\Download\849d98c0e41ce7ec4eb30bac593d96bc\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23392_none_04a179c68ccb4ae8\lsass.exe
[2015/10/16 20:10:51 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=642713B5EFA4A27E1CB88E99208F160A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23249_none_04de89828c9c736d\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22736_none_04e678d68c96e399\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22843_none_04d8a9f28ca1b0ac\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22923_none_04ee4bb08c9175f1\lsass.exe
[2015/02/03 05:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=7554A1B82B4A222FD4CC292ABD38A558 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18741_none_044d0c937385de34\lsass.exe
[2012/08/24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012/06/04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2015/09/16 01:37:18 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=A51431778979B82E6C7041EAB29F66F4 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23211_none_04f6f6f68c8b54e2\lsass.exe
[2015/07/15 05:19:02 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=A7C232F194DE012B41B5EE0C5021CFDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18923_none_0464b0cb7373d34e\lsass.exe
[2016/05/16 23:14:58 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=A836A81E333B9AC8D5EA62B36B7A6CD9 -- C:\Windows\SoftwareDistribution\Download\0c290f5478ac68f8a230fdff343b0bca\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23455_none_04cfbc3a8ca82450\lsass.exe
[2015/10/17 20:09:03 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=AECDFB5F08DC5069563AFC6F47C0DDE5 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.19044_none_044fe95f738357c9\lsass.exe
[2014/09/19 11:47:37 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=B84317193B6A29F5F5DCF538C34FDCED -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22814_none_04fa1a008c887630\lsass.exe
[2015/04/04 05:25:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BB9C1B746086558899935E3333CD4580 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23017_none_04fcf4e68c85f29e\lsass.exe
[2016/01/22 08:27:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C102A257679340184DCD801B5634230B -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23338_none_04e85b0a8c953b4c\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2016/05/12 16:57:27 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=C8A7F80DB5C193DD67747A1BA4B1782E -- C:\Windows\SoftwareDistribution\Download\ded8d252dec89c3d2c8a35e19f093738\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23452_none_04ccbb5c8caad84b\lsass.exe
[2015/02/03 05:50:23 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=CBB80CC43E683F929F8D5E50330F7BA6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22948_none_04ddad4a8c9d2c86\lsass.exe
[2016/03/16 19:31:46 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=D5276E4BD17A3B477E3D9127C2EEBEA5 -- C:\Windows\SoftwareDistribution\Download\59b5fd5233b1f3e5357d512c201f0aac\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23391_none_04a0797c8ccc3191\lsass.exe
[2015/08/05 20:03:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=E1068CF0B09C29DC8D69C535938B915D -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23154_none_04ceb63e8ca91384\lsass.exe
[2013/09/25 03:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
[2015/07/23 00:03:07 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=FBD94DDAB6D96DE7ECE7D38E48035A75 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23142_none_04d785968ca2c4e5\lsass.exe
[2015/07/23 02:01:53 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=FDD980360C9D72DA77F4C59376AE95C9 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18939_none_045fe29b73768749\lsass.exe
< MD5 for: NDIS.SYS >
[2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2015/10/13 01:04:07 | 000,949,184 | ---- | M] (Microsoft Corporation) MD5=901D1BE3F8567B5D02747B1174FF708F -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.23235_none_0661f94b4bdbc702\ndis.sys
[2015/10/13 06:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\SysNative\drivers\ndis.sys
[2015/10/13 06:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.19030_none_05d3592832c2ab5e\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2015/10/20 03:11:06 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=12E497414382EF5970A5E42AEBA7AD2E -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23250_none_0abad437491312d3\smss.exe
[2015/05/25 20:21:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=18196A0F4C3904C81ACE6E91529227D9 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23072_none_0aa7312749218315\smss.exe
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2016/04/09 07:43:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1CBDCAC093542013BEE9E4700C74C784 -- C:\Windows\SysNative\smss.exe
[2016/04/09 07:43:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1CBDCAC093542013BEE9E4700C74C784 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23418_none_0aee1a0348eb6815\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22921_none_0adc685748f9aac7\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22923_none_0ade68eb48f7dd75\smss.exe
[2015/07/23 02:02:14 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=50EEE09D03B94A13DFEFEFC1D774FC31 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18939_none_0a4fffd62fdceecd\smss.exe
[2015/07/15 20:10:25 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=55C48343919A72B0C8F5C42E4C798FCA -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18933_none_0a49fe1a2fe256c3\smss.exe
[2015/07/15 20:08:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=5E200958CFBDB2B82C78B6F883236640 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23136_none_0ad673e548fd75d4\smss.exe
[2015/02/03 05:30:42 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=63D3C30B497347495B8EA78A38188969 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18741_none_0a3d29ce2fec45b8\smss.exe
[2016/03/17 23:35:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=682586CACD78EF53EF7301B4180EB595 -- C:\Windows\SoftwareDistribution\Download\849d98c0e41ce7ec4eb30bac593d96bc\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23392_none_0a9197014931b26c\smss.exe
[2016/01/22 06:57:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=789035A84618AC25CEDC91606029A4A2 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19135_none_0a4bd8b62fe0b9da\smss.exe
[2016/03/16 19:31:37 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7FCFD859F3B53C6A2F334D41BC54B3FE -- C:\Windows\SoftwareDistribution\Download\59b5fd5233b1f3e5357d512c201f0aac\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23391_none_0a9096b749329915\smss.exe
[2015/02/03 05:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=8CD5A97B8D155718D357B2D9BC6B113D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22948_none_0acdca854903940a\smss.exe
[2015/10/20 03:05:13 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9066AE964D95B1ABC999CED271556A7C -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19045_none_0a4106e42fe8d8a4\smss.exe
[2015/10/01 20:06:20 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9815B80E8F45D4CFF468899A444FE3B8 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23226_none_0ae145b748f5570a\smss.exe
[2015/05/25 20:18:39 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9BBEA639884C0338DD78654277BD188A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18869_none_0a2f8e2c2ff54579\smss.exe
[2015/07/15 05:19:24 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B094FD54A16671683B4A27A8C43BCDD0 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18923_none_0a54ce062fda3ad2\smss.exe
[2013/08/29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2015/07/15 05:19:40 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=C95509F69D3584BB216C5B2365E74956 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23126_none_0ae143d148f559e3\smss.exe
[2013/08/02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2016/05/16 23:14:55 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CD1912354A41AD07484A41BF0C9C5ED8 -- C:\Windows\SoftwareDistribution\Download\0c290f5478ac68f8a230fdff343b0bca\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23455_none_0abfd975490e8bd4\smss.exe
[2015/07/23 00:03:29 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E31F311AEACDAB79CFA4E5B5ACB2B954 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23142_none_0ac7a2d149092c69\smss.exe
[2013/03/19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2016/01/22 08:27:45 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F7EF6821E330D14E3A84649A35C86217 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23338_none_0ad8784548fba2d0\smss.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014/04/05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010/11/21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013/07/06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013/11/26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2016/05/11 17:19:26 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=59EA5753EBDAE42CF92FD5B6E7AE4D53 -- C:\Windows\SysWOW64\ws2_32.dll
[2016/05/11 17:19:26 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=59EA5753EBDAE42CF92FD5B6E7AE4D53 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.23451_none_f51a458f45d91b4c\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2016/05/11 19:02:50 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=FBE1086227040618A569C27F74A12F3D -- C:\Windows\SysNative\ws2_32.dll
[2016/05/11 19:02:50 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=FBE1086227040618A569C27F74A12F3D -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.23451_none_5138e112fe368c82\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[117 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014/02/26 19:56:04 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ABBYY
[2014/02/26 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ACD Systems
[2015/01/11 10:46:03 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Adobe
[2016/05/09 14:08:28 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Ancestry
[2014/02/27 23:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\AnvSoft
[2016/01/06 01:02:37 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Apple Computer
[2014/02/27 23:00:26 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ArcSoft
[2014/02/26 16:46:08 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ATI
[2014/02/26 17:25:35 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\AVAST Software
[2016/07/07 23:15:44 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\avidemux
[2015/08/31 15:38:05 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\AVS4YOU
[2015/04/28 23:07:33 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\BitTorrent Sync
[2016/07/09 00:13:32 | 000,000,000 | -H-D | M] -- C:\Users\Bax2013\AppData\Roaming\Booking_helper
[2014/05/11 22:59:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Broad Intelligence
[2014/02/26 18:01:53 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\CadSoft
[2014/02/26 18:01:53 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\calibre
[2014/11/10 13:07:19 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Canon
[2014/02/28 18:43:54 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DAEMON Tools Pro
[2014/02/26 20:24:03 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DeepBurner
[2016/07/26 20:59:27 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DMCache
[2016/07/11 23:34:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Dropbox
[2015/07/24 17:14:20 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\dvdcss
[2016/07/06 22:47:13 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DVDVideoSoft
[2016/05/22 17:32:02 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\eCyber
[2016/05/26 16:09:08 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Elex-tech
[2014/05/03 17:50:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\eM Client
[2016/06/30 09:35:11 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Enigma Software Group
[2015/03/09 00:08:22 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Faktury Plus
[2016/06/29 13:57:18 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Firefox
[2014/08/04 15:32:59 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\FLV and Media Player
[2014/02/26 17:33:34 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\GHISLER
[2016/07/09 00:13:31 | 000,000,000 | -H-D | M] -- C:\Users\Bax2013\AppData\Roaming\GoldenGate
[2015/03/29 14:49:22 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Goldstarway Trading
[2016/03/17 17:25:15 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Google
[2014/08/25 21:37:01 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Google.Apis.Auth
[2016/02/16 00:38:02 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Google2SRT
[2014/07/19 08:47:56 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\GrabPro
[2014/02/26 13:35:37 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Identities
[2016/07/28 22:42:12 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\IDM
[2014/07/23 22:00:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\IGC
[2014/05/13 21:10:02 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ImgBurn
[2014/02/26 13:46:29 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\InstallShield
[2016/07/23 09:27:46 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Kodi
[2015/03/08 10:53:11 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Kopsik
[2016/07/14 22:51:56 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Lavasoft
[2014/04/08 10:02:14 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\LightComp
[2014/02/26 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Macromedia
[2014/09/14 13:48:44 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Maxthon3
[2014/02/27 23:01:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\MechCAD
[2010/11/21 17:10:34 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Media Center Programs
[2016/07/04 23:47:06 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Media Player Classic
[2016/07/21 12:06:14 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Mediatronic
[2016/07/01 08:59:25 | 000,000,000 | --SD | M] -- C:\Users\Bax2013\AppData\Roaming\Microsoft
[2016/01/25 00:32:10 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Mozilla
[2016/07/02 00:47:28 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\MPC-HC
[2014/11/30 14:55:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\MPEG Streamclip
[2016/01/16 00:44:48 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\mysites123
[2014/06/23 16:33:01 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\NetBeans
[2015/05/10 16:35:32 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\NymTec
[2014/02/26 18:01:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Opera
[2014/04/15 21:20:19 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Oracle
[2016/01/15 23:35:18 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Orbit
[2014/02/27 16:35:03 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\PDF Architect
[2014/12/17 10:51:11 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\PDF Architect 2
[2015/08/09 21:37:42 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\pdfforge
[2014/07/19 08:47:58 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ProgSense
[2016/06/29 13:55:52 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\qksee
[2016/07/24 08:35:07 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Real
[2014/07/22 11:13:27 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Replay Media Catcher 5
[2014/12/18 18:33:14 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Samsung
[2014/03/05 12:46:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ScanSoft
[2016/07/14 23:54:17 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Serviio-Console-Wrapper
[2014/02/26 18:01:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Skype
[2015/12/22 00:14:19 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Solveig Multimedia
[2016/06/19 20:21:31 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Sony
[2015/11/27 19:50:45 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Sun
[2016/06/27 16:53:31 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Swiftdata
[2015/06/19 23:01:43 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\systweak
[2016/01/16 00:55:22 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Tencent
[2014/04/20 11:58:58 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TP-LINK
[2014/02/27 23:17:38 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TreeCardGames
[2015/11/21 01:05:12 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TrueCrypt
[2014/02/26 18:52:50 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TuneUp Software
[2016/05/26 16:10:08 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Uncheckit
[2015/01/08 17:14:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\uTorrent
[2014/02/27 23:15:46 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\VDownloader
[2014/03/03 18:25:21 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\VitySoft
[2016/07/24 23:51:33 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\vlc
[2015/02/01 12:32:51 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\VOWSoft
[2014/09/26 22:02:07 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Winamp
[2014/02/26 18:01:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\WinRAR
[2016/05/26 16:03:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\WinZiper
[2014/04/20 11:42:17 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Xirrus
[2015/08/31 15:56:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\XMedia Recode
[2014/08/18 14:56:38 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\XnView
[2014/03/05 12:43:42 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Zeon
[2016/01/18 17:03:54 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2016/07/05 20:00:44 | 024,204,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2016/07/05 20:00:54 | 000,173,288 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2016/06/07 04:03:10 | 000,018,392 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\QtWebEngineProcess.exe
[2016/07/05 19:54:44 | 000,025,712 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\driver_amd64\dbxsvc.exe
[2016/07/05 19:54:44 | 000,025,200 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\driver_x86\dbxsvc.exe
[2015/12/08 23:36:58 | 024,952,456 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bax2013\AppData\Roaming\Dropbox\Client_3.12.5\Dropbox.exe
[2016/06/30 09:29:19 | 003,482,800 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Users\Bax2013\AppData\Roaming\Enigma Software Group\sh_installer.exe
[2015/01/16 13:22:29 | 017,983,056 | ---- | M] (ACT Forex) -- C:\Users\Bax2013\AppData\Roaming\Goldstarway Trading\APP#99D4CD3C\Fx_Client.exe
[2014/05/21 11:59:24 | 000,139,776 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Goldstarway Trading\APP#99D4CD3C\resource\txl\txl.exe
[2014/06/08 14:48:28 | 000,054,432 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Bax2013\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2015/05/08 14:50:52 | 001,799,448 | ---- | M] (Maxthon International ltd.) -- C:\Users\Bax2013\AppData\Roaming\Maxthon3\Public\MxUp\MxUp.exe
[2014/05/02 18:05:21 | 000,043,385 | R--- | M] () -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_0CE5D65C672A59FCFADCFA.exe
[2014/05/02 18:05:21 | 000,043,385 | R--- | M] () -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_112D608FD02CD87FDC7735.exe
[2014/05/02 18:05:21 | 000,032,579 | R--- | M] () -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_853F67D554F05449430E7E.exe
[2016/06/29 13:55:58 | 002,759,364 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\qksee\update\qks_update_v3.3.22.exe
[2015/04/28 07:57:14 | 001,566,016 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2015/04/28 07:57:18 | 000,559,936 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesAgent.exe
[2015/04/28 07:57:24 | 000,277,824 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2015/04/28 07:57:20 | 000,311,616 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2015/04/28 07:51:08 | 000,173,568 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2015/04/28 07:52:44 | 000,353,792 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2015/04/28 07:51:36 | 000,700,416 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2015/04/28 07:57:26 | 000,067,904 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2015/04/28 07:57:38 | 000,065,856 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\RegisterCOM.exe
[2015/04/20 04:29:26 | 000,232,256 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AdminDelegator.exe
[2015/04/20 04:29:26 | 000,265,024 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2015/04/20 04:29:24 | 000,252,736 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2015/04/28 07:57:30 | 001,015,104 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2015/04/28 07:57:32 | 003,835,040 | ---- | M] (Freeware) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2015/04/28 07:57:36 | 000,624,448 | ---- | M] (ml) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2014/10/17 09:41:10 | 016,012,496 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2016/01/08 14:08:32 | 001,572,648 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2016/01/08 14:08:32 | 000,566,568 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2013/12/30 03:55:30 | 000,578,560 | ---- | M] (Samsung Electronics) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAirMessage.exe
[2016/01/08 14:08:36 | 000,284,456 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2016/01/08 14:08:34 | 000,318,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2016/01/08 13:36:14 | 000,173,568 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2016/01/08 13:39:34 | 000,353,792 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2016/01/08 13:37:46 | 000,700,416 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2016/01/08 14:08:38 | 000,074,536 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2016/01/08 14:08:46 | 000,072,488 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2015/06/28 22:31:48 | 000,232,256 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AdminDelegator.exe
[2015/06/28 22:31:48 | 000,304,448 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2015/06/28 22:31:48 | 000,291,648 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2016/01/08 14:08:40 | 001,021,736 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2016/01/08 14:08:44 | 003,841,672 | ---- | M] (Freeware) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2016/01/08 14:08:44 | 000,631,080 | ---- | M] (ml) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2016/01/08 11:20:02 | 016,200,032 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2015/04/28 07:57:36 | 000,624,448 | ---- | M] (ml) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2016/01/08 14:08:44 | 000,631,080 | ---- | M] (ml) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2016/05/26 16:03:29 | 003,096,090 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\WinZiper\update\wzp_update_v2.2.1.exe
[2016/06/21 16:31:12 | 003,126,975 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\WinZiper\update\wzp_update_v2.2.25.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2016/07/28 23:15:22 | 000,017,344 | ---- | M] () -- C:\Windows\system32\debug.log
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Namedate" = E:\ProgNeinst\Nezmeskaj\nezmeskej.exe s s -- [2002/07/03 19:04:24 | 000,523,776 | ---- | M] (Petr Mazánek (mazi@all4u.cz, +420608702180))
"ISUSPM Startup" = c:\progra~2\common~1\instal~1\update~1\isuspm.exe -startup -- [2005/02/16 17:15:22 | 000,221,184 | ---- | M] (InstallShield Software Corporation)
"KiesPreload" = D:\Program Files (x86)\Samsung\Kies\Kies.exe /preload -- [2016/01/08 14:08:32 | 001,572,648 | ---- | M] (Samsung)
"KiesPDLR" = D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2016/01/08 14:08:40 | 001,021,736 | ---- | M] (Samsung)
"swg" = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2014/06/17 13:48:42 | 000,039,408 | ---- | M] (Google Inc.)
"Dropbox Update" = "C:\Users\Bax2013\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c -- [2015/06/19 22:51:43 | 000,134,512 | ---- | M] (Dropbox, Inc.)
"KiesPDLR.exe" = D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run -- [2016/01/08 14:08:40 | 001,021,736 | ---- | M] (Samsung)
"IDMan" = C:\Program Files\Internet Download Manager\IDMan.exe /onboot -- [2015/11/10 22:09:40 | 003,911,248 | ---- | M] (Tonec Inc.)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2015/12/08 21:23:58 | 008,590,760 | ---- | M] (Piriform Ltd)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2016/07/28 22:57:53 | 000,000,512 | ---- | M] () MD5=A536EC46F5A88DF934BB17EFD1FCEFAB -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2013/12/20 23:30:19 | 007,002,169 | ---- | M] () -- \+Downloads\Internet-Download-Manager-IDM-6.17-Build-11-Final-Incl-Crack.zip
[2007/10/26 21:03:14 | 000,034,964 | ---- | M] () -- \+Downloads\rarcrack-0.2.tar.bz2
[2007/10/26 21:03:14 | 000,034,964 | ---- | M] () -- \+Downloads\rarcrack-0.2.tar_2.bz2
[2014/02/28 18:15:35 | 000,152,704 | ---- | M] () -- \+Downloads\+\Internet Manager Key Crack.rar__3038_i393075388_il5189469.exe
[2007/12/17 13:13:49 | 000,034,181 | ---- | M] () -- \+Downloads\+Linky BR\+stIAHUTE\www.WarXtreme.com __ Zobraziť tému - RAR Recovery Toolbox v1.1.4.7 + crack.htm
[2007/04/03 19:13:08 | 000,015,615 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\++Dowlan Tahače\FleshGet-dowland manager\flashgetv1.73.128crackte.zip
[2007/05/19 23:05:12 | 000,324,164 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\NetLimiter\NetLimiter.Pro.v2.0.7\netlimiterprov2.0.7crackblackmagic.zip
[2008/04/22 19:24:44 | 000,000,941 | ---- | M] () -- \+Downloads\Ladenie XP\TuneUp_Utilities_2008\Ako cracknutt-stara verzia mam 2010.txt
[2012/04/13 23:50:48 | 003,795,454 | ---- | M] () -- \+Nasprac\docasne\S.K.Software.MyLanViewer.v4.9.12.Cracked-ARN_rar rec\S.K.Software.MyLanViewer.v4.9.12.Cracked-ARN.rar
< *keygen* /s >
[2012/01/15 19:07:44 | 001,421,182 | ---- | M] () -- \+Downloads\RAMDisk-4.1-Gilisoft-Software-+-Keygen.rar
[2012/01/13 13:48:36 | 000,423,936 | ---- | M] () -- \+Downloads\++Driver\SSD Tweaker Pro 2.0.1 EN\keygen.exe
[2007/12/29 09:10:56 | 000,017,545 | ---- | M] () -- \+Downloads\+Programy\+Ostatné\Salfeld Child Control 2007 v9.695\chico_MuKkY.of.UCU\child_control_keygen.exe
[2006/12/18 08:14:41 | 000,828,157 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\++Dowlan Tahače\+IP skrivanie PROXY\Hide_IP_Platinum_3.2___Keygen.zip
[2006/04/06 22:03:48 | 000,045,056 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\++Dowlan Tahače\+IP skrivanie PROXY\Hide_IP_Platinum_3.21\Hide_IP_Platinum_3.21\Hide IP Platinum 3.21\keygen.exe
[2007/04/03 19:12:54 | 000,027,203 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\++Dowlan Tahače\FleshGet-dowland manager\flashgetv1.73keygenbrd.zip
[2005/11/13 13:36:28 | 000,048,161 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\DU.Meter.v3.07.Build.200.Incl.Keymaker\DU.Meter.v3.07.Build.200.Incl.Keymaker\keygen.exe
[2007/02/19 13:16:16 | 000,102,400 | ---- | M] () -- \+Downloads\+Programy\+System\o_o\O&O softver overený VÝBER\O&O CleverCache Professional Edition v6.1.2332\O&O CleverCache Professional Edition v6.1.2332\O&O CleverCache Professional Edition v6.1.2332\KeyGen\keygen.exe
[2007/09/02 20:28:04 | 000,054,272 | ---- | M] () -- \+Downloads\+Programy\+System\o_o\O_O_FormatRecovery_4.1.1146\O&O FormatRecovery 4.1.1146\KEYGEN\keygen.exe
[2009/03/16 17:50:05 | 000,269,824 | ---- | M] () -- \+Downloads\+Programy\+System\PowerISO.v4.6.WinAll.Incl.Keygen-CRD\PowerISO.v4.6.WinAll.Incl.Keygen-CRD\keygen.exe
[2008/11/28 18:19:34 | 000,087,552 | ---- | M] () -- \+Downloads\+Programy\Kerio WinRoute Firewall 6.5.2 Build 5172\PATCH\patch-keygen.exe
[2010/11/14 00:54:57 | 000,110,592 | ---- | M] () -- \+Downloads\Ladenie XP\RamDisk\SprSpd_RmDsk_Pl_9.0.1.0\SuperSpeed RamDisk Plus v9.0.1.0 Desktop\keygen.exe
[2007/01/09 23:04:04 | 000,568,832 | ---- | M] () -- \+Nasprac\++DVD\Program\SensorsViewPro21\keygen.exe
< *AntiWPA* /s >
< *loader* /s >
[2014/01/21 21:39:09 | 000,222,184 | ---- | M] () -- \+Downloads\dfdownloader_vuwiTq_.exe
[2011/07/28 08:47:27 | 000,094,208 | ---- | M] () -- \+Downloads\eToroDownloader.exe
[2013/11/12 21:11:56 | 000,401,720 | ---- | M] () -- \+Downloads\SoftonicDownloader_for_etoro.exe
[2013/12/16 23:55:42 | 000,674,976 | ---- | M] () -- \+Downloads\++++X\Unlocker1.9.2 - CHIP Downloader.exe
[2005/06/17 22:42:14 | 000,003,095 | ---- | M] () -- \+Downloads\+++Stahovanie\SeaMonk\NvuPortable-1.0rev5.sk-SK\App\nvu\components\uriloader.xpt
[2007/12/28 19:31:34 | 000,009,927 | ---- | M] () -- \+Downloads\+Linky BR\+naSTIAHNUTIE\www.WarXtreme.com __ Zobraziť tému - Sahara (2005)_files\uploader.gif
[2008/02/18 19:58:23 | 000,007,600 | ---- | M] () -- \+Downloads\+Linky BR\+NETAHANE\Babilon 5\Warforum- Babilon 5 SoundTrack30CD_subory\war_uploader.gif
[2008/02/09 02:00:50 | 000,007,600 | ---- | M] () -- \+Downloads\+Linky BR\+NETAHANE\Harry Potter - tajomstvo zväčujúcich sa slipov (2007)\Harry Potter - tajomstvo zväčujúcich sa slipov (2007)_subory\war_uploader.gif
[2008/02/18 20:09:27 | 000,007,600 | ---- | M] () -- \+Downloads\+Linky BR\+NETAHANE\Warforum - Muž, který se postavil tankům -- The Tankman (2006) - CZ_subory\war_uploader.gif
[2007/12/08 13:58:40 | 000,009,927 | ---- | M] () -- \+Downloads\+Linky BR\+stIAHUTE\www.WarXtreme.com __ Zobraziť tému - James Bond_files\uploader.gif
[2007/12/13 17:20:28 | 000,009,927 | ---- | M] () -- \+Downloads\+Linky BR\+stIAHUTE\www.WarXtreme.com __ Zobraziť tému - NetLimiter 2.0.7 Pro_files\uploader.gif
[2007/12/17 13:13:49 | 000,009,927 | ---- | M] () -- \+Downloads\+Linky BR\+stIAHUTE\www.WarXtreme.com __ Zobraziť tému - RAR Recovery Toolbox v1.1.4.7 + crack_files\uploader.gif
[2007/12/13 01:35:55 | 000,009,927 | ---- | M] () -- \+Downloads\+Linky BR\+stIAHUTE\www.WarXtreme.com __ Zobraziť tému - RYCHLYPRACHY.CZ _všetko sem__files\uploader.gif
[2007/12/16 11:00:43 | 000,031,831 | ---- | M] () -- \+Downloads\+Linky BR\+stIAHUTE\www.WarXtreme.com __ Zobraziť tému - Zorro Of The Mask_files\Uploader.gif
[2007/12/08 13:58:48 | 000,009,927 | ---- | M] () -- \+Downloads\+Linky BR\www.WarXtreme.com __ Zobraziť tému - James Bond_files\uploader.gif
[2006/12/16 02:45:09 | 000,210,320 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\++Dowlan Tahače\+IP skrivanie PROXY\USDownloader134b8\Dimoniusis Homepage - Soft - Download Universal Share Downloader.htm
[2006/12/16 02:43:24 | 004,115,037 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\++Dowlan Tahače\+IP skrivanie PROXY\USDownloader134b8\USDownloader134b8.zip
[2011/12/03 22:25:01 | 061,589,441 | ---- | M] () -- \+Nasprac\docasne\++ST\Stiahnute\Nero Multimedia Suite Mini 10.5.10500 v2.by.-ded-.of.PowerUploaders.rar
[2016/03/30 11:53:42 | 000,004,782 | ---- | M] () -- \Program Files (x86)\Kodi\addons\webinterface.default\images\ajax-loader.gif
[2014/04/30 11:54:12 | 000,013,501 | ---- | M] () -- \Program Files (x86)\Kodi\system\python\Lib\unittest\loader.py
[2013/12/26 20:54:25 | 000,094,208 | ---- | M] () -- \Users\Bax2013\Desktop\eToroDownloader.exe
[2014/07/22 11:53:36 | 000,000,682 | ---- | M] () -- \Users\Bax2013\Desktop\YTD- aj z TV YouTube Downloader.lnk
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2013/06/09 13:21:17 | 000,921,647 | ---- | M] () -- \+Downloads\+++Stahovanie\Teleport-Pro-1.61-serial+čeština.rar
[2010/03/15 09:29:20 | 000,009,950 | ---- | M] () -- \+Downloads\+++Stahovanie\Teleport-Pro-1.61-serial+čeština\Teleport Pro 1.61\serial.docx
[2007/12/10 20:45:38 | 000,079,411 | ---- | M] () -- \+Downloads\+Linky BR\+NETAHANE\RAJFORUM.COM __ Zobraziť tému - Rapidshare Premium serial funkční,ale neměňte mi pořád hesla.htm
[2008/10/29 19:20:53 | 000,000,105 | ---- | M] () -- \+Downloads\+Programy\+System\o_o\O&O softver overený VÝBER\O_O_PartitionManager_Pro_2.0.474\O&O PartitionManager Pro 2.0.474\SERIAL.txt
[2009/01/18 15:08:11 | 000,000,700 | ---- | M] () -- \+Downloads\+Programy\PDFZilla v1.0.8.0+Srial\PDFZilla.Serial.rar
[2009/01/15 10:36:03 | 000,000,031 | ---- | M] () -- \+Downloads\+Programy\PDFZilla v1.0.8.0+Srial\Serial.txt
[2009/05/26 21:12:37 | 000,086,160 | ---- | M] () -- \+Nasprac\ZufaleM3\Prez\Znelky\http---serialy.info-.jpg
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 237 bytes -> C:\ProgramData\TEMP:50AE12C5
< End of report >
[2014/02/26 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ACD Systems
[2016/05/09 14:08:28 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Ancestry
[2014/02/27 23:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\AnvSoft
[2014/02/26 17:25:35 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\AVAST Software
[2016/07/07 23:15:44 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\avidemux
[2015/04/28 23:07:33 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\BitTorrent Sync
[2016/07/09 00:13:32 | 000,000,000 | -H-D | M] -- C:\Users\Bax2013\AppData\Roaming\Booking_helper
[2014/05/11 22:59:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Broad Intelligence
[2014/02/26 18:01:53 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\CadSoft
[2014/02/26 18:01:53 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\calibre
[2014/11/10 13:07:19 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Canon
[2014/02/28 18:43:54 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DAEMON Tools Pro
[2014/02/26 20:24:03 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DeepBurner
[2016/07/26 20:59:27 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DMCache
[2016/07/11 23:34:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Dropbox
[2016/07/06 22:47:13 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DVDVideoSoft
[2016/05/22 17:32:02 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\eCyber
[2016/05/26 16:09:08 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Elex-tech
[2014/05/03 17:50:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\eM Client
[2016/06/30 09:35:11 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Enigma Software Group
[2015/03/09 00:08:22 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Faktury Plus
[2016/06/29 13:57:18 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Firefox
[2014/08/04 15:32:59 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\FLV and Media Player
[2014/02/26 17:33:34 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\GHISLER
[2016/07/09 00:13:31 | 000,000,000 | -H-D | M] -- C:\Users\Bax2013\AppData\Roaming\GoldenGate
[2015/03/29 14:49:22 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Goldstarway Trading
[2014/07/19 08:47:56 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\GrabPro
[2016/07/28 22:42:12 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\IDM
[2014/07/23 22:00:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\IGC
[2014/05/13 21:10:02 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ImgBurn
[2016/07/23 09:27:46 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Kodi
[2015/03/08 10:53:11 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Kopsik
[2014/04/08 10:02:14 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\LightComp
[2014/09/14 13:48:44 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Maxthon3
[2014/02/27 23:01:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\MechCAD
[2016/07/21 12:06:14 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Mediatronic
[2016/07/02 00:47:28 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\MPC-HC
[2014/11/30 14:55:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\MPEG Streamclip
[2016/01/16 00:44:48 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\mysites123
[2014/06/23 16:33:01 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\NetBeans
[2015/05/10 16:35:32 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\NymTec
[2014/02/26 18:01:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Opera
[2014/04/15 21:20:19 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Oracle
[2016/01/15 23:35:18 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Orbit
[2014/02/27 16:35:03 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\PDF Architect
[2014/12/17 10:51:11 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\PDF Architect 2
[2015/08/09 21:37:42 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\pdfforge
[2014/07/19 08:47:58 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ProgSense
[2016/06/29 13:55:52 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\qksee
[2014/07/22 11:13:27 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Replay Media Catcher 5
[2014/12/18 18:33:14 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Samsung
[2014/03/05 12:46:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ScanSoft
[2016/07/14 23:54:17 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Serviio-Console-Wrapper
[2015/12/22 00:14:19 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Solveig Multimedia
[2016/06/19 20:21:31 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Sony
[2016/06/27 16:53:31 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Swiftdata
[2015/06/19 23:01:43 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\systweak
[2016/01/16 00:55:22 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Tencent
[2014/04/20 11:58:58 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TP-LINK
[2014/02/27 23:17:38 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TreeCardGames
[2015/11/21 01:05:12 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TrueCrypt
[2014/02/26 18:52:50 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TuneUp Software
[2016/05/26 16:10:08 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Uncheckit
[2015/01/08 17:14:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\uTorrent
[2014/02/27 23:15:46 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\VDownloader
[2014/03/03 18:25:21 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\VitySoft
[2015/02/01 12:32:51 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\VOWSoft
[2016/05/26 16:03:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\WinZiper
[2014/04/20 11:42:17 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Xirrus
[2015/08/31 15:56:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\XMedia Recode
[2014/08/18 14:56:38 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\XnView
[2014/03/05 12:43:42 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Zeon
[2016/01/18 17:03:54 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,540 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014/03/21 12:06:20 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/04/15 22:31:00 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/04/15 22:31:00 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015/06/19 22:51:44 | 000,000,874 | ---- | C] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1391750300-441857230-858820617-1000Core.job
[2015/06/19 22:51:44 | 000,000,926 | ---- | C] () -- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1391750300-441857230-858820617-1000UA.job
< >
< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2015/02/03 05:50:56 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=00D0F7BA3B27126A3E25B540979A9F39 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_d492bbeccaa14239\cryptsvc.dll
[2015/04/27 21:17:29 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=0925E2BEAC4493C887099F850D69BA3B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.23040_none_d48a91becaa8aac3\cryptsvc.dll
[2010/11/21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2015/02/03 05:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=1CD76A83B9E8E9A5A3519B39E28354D9 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_d4021b35b189f3e7\cryptsvc.dll
[2013/05/10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2015/04/27 21:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=33F67BBCC3C0499D3F3382473114CFA8 -- C:\Windows\SysWOW64\cryptsvc.dll
[2015/04/27 21:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=33F67BBCC3C0499D3F3382473114CFA8 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18839_none_77f653d3f91d2e9f\cryptsvc.dll
[2013/05/13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2015/02/03 05:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=49474B3E37969AF4B5C076F42B623AFF -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_77e37fb1f92c82b1\cryptsvc.dll
[2013/10/05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2015/04/27 20:55:50 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=59AF628BEF750EE470FD36751CA52137 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.23040_none_786bf63b124b398d\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2015/04/27 21:23:13 | 000,188,416 | ---- | M] (Microsoft Corporation) MD5=7BC3E861F7E8EB543A630090FAE779E0 -- C:\Windows\SysNative\cryptsvc.dll
[2015/04/27 21:23:13 | 000,188,416 | ---- | M] (Microsoft Corporation) MD5=7BC3E861F7E8EB543A630090FAE779E0 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18839_none_d414ef57b17a9fd5\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013/05/10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010/11/21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2015/02/03 05:31:49 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=B97E16D36DB7B7DD22C97857506FA58A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_787420691243d103\cryptsvc.dll
[2013/05/10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013/10/05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2014/06/24 10:42:02 | 004,818,848 | ---- | M] (Safer-Networking Ltd.) MD5=280C014187E24860A7C860329513208F -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2016/04/09 07:44:07 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=3DA48EA028AD771C5B71727F0C3984E9 -- C:\Windows\SysWOW64\explorer.exe
[2016/04/09 07:44:07 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=3DA48EA028AD771C5B71727F0C3984E9 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23418_none_babcc36addd6f915\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2016/04/09 07:53:40 | 003,231,232 | ---- | M] (Microsoft Corporation) MD5=9DA3B83F80E205B6C601EEE1312FD0A0 -- C:\Windows\explorer.exe
[2016/04/09 07:53:40 | 003,231,232 | ---- | M] (Microsoft Corporation) MD5=9DA3B83F80E205B6C601EEE1312FD0A0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23418_none_b0681918a976371a\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2015/07/15 20:10:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0D48E93C6BE3143C0198CB252B992D16 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18933_none_0459e0df737bef3f\lsass.exe
[2015/10/20 03:10:48 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0F3591FD0F246CD5941B6DC8184E66B7 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23250_none_04cab6fc8cacab4f\lsass.exe
[2016/03/16 01:00:44 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=12B9792DEA6AD9C344DE2A5FE308B7A9 -- C:\Windows\SoftwareDistribution\Download\a95349a7394491dd8878de051fa61ec5\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23390_none_049f79328ccd183a\lsass.exe
[2015/05/25 20:18:19 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=17A6A9AAD04CCC6EE53290585BFC43AF -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18869_none_043f70f1738eddf5\lsass.exe
[2015/01/14 08:04:46 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=1E31700D9C9E0FB79999D02A8437482C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18717_none_04737e137368226b\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18637_none_045ddc5573785d26\lsass.exe
[2015/05/25 20:21:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=2A953A1104439BA166FD63A5806A16DF -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23072_none_04b713ec8cbb1b91\lsass.exe
[2015/10/20 03:04:53 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=2BC45F4CF55B45BDD650828192F132B8 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.19045_none_0450e9a973827120\lsass.exe
[2015/07/15 05:19:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=2CCFA4793B9696F26214634300FE8B37 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23126_none_04f126968c8ef25f\lsass.exe
[2015/07/15 20:08:44 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=31359EDA482F9A4C5DB36741596550AC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23136_none_04e656aa8c970e50\lsass.exe
[2014/09/19 11:42:18 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=341655B216721D89CADE9DEA2F33872F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18606_none_047d4bcf7360effc\lsass.exe
[2015/08/05 19:55:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=3E9BDCA3994E2B6B6AC16BAA76722934 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18951_none_04424073738df473\lsass.exe
[2015/04/04 05:20:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=4C3FAC816925F73A34AD52F1F7C0A7EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18812_none_046e7e87736ca0df\lsass.exe
[2013/09/25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2015/10/16 20:04:04 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=50996040C28F2E644F7270D2A3BE2BC8 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.19043_none_044ee91573843e72\lsass.exe
[2016/04/09 07:43:20 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=54C0E3156872881F6AB017210278E27E -- C:\Windows\SysNative\lsass.exe
[2016/04/09 07:43:20 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=54C0E3156872881F6AB017210278E27E -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23418_none_04fdfcc88c850091\lsass.exe
[2016/01/22 06:57:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=5673794F254FE312AF62D9DA32805A2F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.19135_none_045bbb7b737a5256\lsass.exe
[2016/03/17 23:35:42 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=626BE7CD27F44185AA4DCD3603830312 -- C:\Windows\SoftwareDistribution\Download\849d98c0e41ce7ec4eb30bac593d96bc\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23392_none_04a179c68ccb4ae8\lsass.exe
[2015/10/16 20:10:51 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=642713B5EFA4A27E1CB88E99208F160A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23249_none_04de89828c9c736d\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22736_none_04e678d68c96e399\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22843_none_04d8a9f28ca1b0ac\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22923_none_04ee4bb08c9175f1\lsass.exe
[2015/02/03 05:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=7554A1B82B4A222FD4CC292ABD38A558 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18741_none_044d0c937385de34\lsass.exe
[2012/08/24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012/06/04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2015/09/16 01:37:18 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=A51431778979B82E6C7041EAB29F66F4 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23211_none_04f6f6f68c8b54e2\lsass.exe
[2015/07/15 05:19:02 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=A7C232F194DE012B41B5EE0C5021CFDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18923_none_0464b0cb7373d34e\lsass.exe
[2016/05/16 23:14:58 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=A836A81E333B9AC8D5EA62B36B7A6CD9 -- C:\Windows\SoftwareDistribution\Download\0c290f5478ac68f8a230fdff343b0bca\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23455_none_04cfbc3a8ca82450\lsass.exe
[2015/10/17 20:09:03 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=AECDFB5F08DC5069563AFC6F47C0DDE5 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.19044_none_044fe95f738357c9\lsass.exe
[2014/09/19 11:47:37 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=B84317193B6A29F5F5DCF538C34FDCED -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22814_none_04fa1a008c887630\lsass.exe
[2015/04/04 05:25:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BB9C1B746086558899935E3333CD4580 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23017_none_04fcf4e68c85f29e\lsass.exe
[2016/01/22 08:27:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C102A257679340184DCD801B5634230B -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23338_none_04e85b0a8c953b4c\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2016/05/12 16:57:27 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=C8A7F80DB5C193DD67747A1BA4B1782E -- C:\Windows\SoftwareDistribution\Download\ded8d252dec89c3d2c8a35e19f093738\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23452_none_04ccbb5c8caad84b\lsass.exe
[2015/02/03 05:50:23 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=CBB80CC43E683F929F8D5E50330F7BA6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22948_none_04ddad4a8c9d2c86\lsass.exe
[2016/03/16 19:31:46 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=D5276E4BD17A3B477E3D9127C2EEBEA5 -- C:\Windows\SoftwareDistribution\Download\59b5fd5233b1f3e5357d512c201f0aac\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23391_none_04a0797c8ccc3191\lsass.exe
[2015/08/05 20:03:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=E1068CF0B09C29DC8D69C535938B915D -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23154_none_04ceb63e8ca91384\lsass.exe
[2013/09/25 03:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
[2015/07/23 00:03:07 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=FBD94DDAB6D96DE7ECE7D38E48035A75 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23142_none_04d785968ca2c4e5\lsass.exe
[2015/07/23 02:01:53 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=FDD980360C9D72DA77F4C59376AE95C9 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18939_none_045fe29b73768749\lsass.exe
< MD5 for: NDIS.SYS >
[2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2015/10/13 01:04:07 | 000,949,184 | ---- | M] (Microsoft Corporation) MD5=901D1BE3F8567B5D02747B1174FF708F -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.23235_none_0661f94b4bdbc702\ndis.sys
[2015/10/13 06:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\SysNative\drivers\ndis.sys
[2015/10/13 06:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.19030_none_05d3592832c2ab5e\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2015/10/20 03:11:06 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=12E497414382EF5970A5E42AEBA7AD2E -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23250_none_0abad437491312d3\smss.exe
[2015/05/25 20:21:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=18196A0F4C3904C81ACE6E91529227D9 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23072_none_0aa7312749218315\smss.exe
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2016/04/09 07:43:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1CBDCAC093542013BEE9E4700C74C784 -- C:\Windows\SysNative\smss.exe
[2016/04/09 07:43:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1CBDCAC093542013BEE9E4700C74C784 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23418_none_0aee1a0348eb6815\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22921_none_0adc685748f9aac7\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22923_none_0ade68eb48f7dd75\smss.exe
[2015/07/23 02:02:14 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=50EEE09D03B94A13DFEFEFC1D774FC31 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18939_none_0a4fffd62fdceecd\smss.exe
[2015/07/15 20:10:25 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=55C48343919A72B0C8F5C42E4C798FCA -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18933_none_0a49fe1a2fe256c3\smss.exe
[2015/07/15 20:08:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=5E200958CFBDB2B82C78B6F883236640 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23136_none_0ad673e548fd75d4\smss.exe
[2015/02/03 05:30:42 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=63D3C30B497347495B8EA78A38188969 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18741_none_0a3d29ce2fec45b8\smss.exe
[2016/03/17 23:35:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=682586CACD78EF53EF7301B4180EB595 -- C:\Windows\SoftwareDistribution\Download\849d98c0e41ce7ec4eb30bac593d96bc\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23392_none_0a9197014931b26c\smss.exe
[2016/01/22 06:57:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=789035A84618AC25CEDC91606029A4A2 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19135_none_0a4bd8b62fe0b9da\smss.exe
[2016/03/16 19:31:37 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7FCFD859F3B53C6A2F334D41BC54B3FE -- C:\Windows\SoftwareDistribution\Download\59b5fd5233b1f3e5357d512c201f0aac\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23391_none_0a9096b749329915\smss.exe
[2015/02/03 05:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=8CD5A97B8D155718D357B2D9BC6B113D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22948_none_0acdca854903940a\smss.exe
[2015/10/20 03:05:13 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9066AE964D95B1ABC999CED271556A7C -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19045_none_0a4106e42fe8d8a4\smss.exe
[2015/10/01 20:06:20 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9815B80E8F45D4CFF468899A444FE3B8 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23226_none_0ae145b748f5570a\smss.exe
[2015/05/25 20:18:39 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9BBEA639884C0338DD78654277BD188A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18869_none_0a2f8e2c2ff54579\smss.exe
[2015/07/15 05:19:24 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B094FD54A16671683B4A27A8C43BCDD0 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18923_none_0a54ce062fda3ad2\smss.exe
[2013/08/29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2015/07/15 05:19:40 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=C95509F69D3584BB216C5B2365E74956 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23126_none_0ae143d148f559e3\smss.exe
[2013/08/02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2016/05/16 23:14:55 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CD1912354A41AD07484A41BF0C9C5ED8 -- C:\Windows\SoftwareDistribution\Download\0c290f5478ac68f8a230fdff343b0bca\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23455_none_0abfd975490e8bd4\smss.exe
[2015/07/23 00:03:29 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E31F311AEACDAB79CFA4E5B5ACB2B954 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23142_none_0ac7a2d149092c69\smss.exe
[2013/03/19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2016/01/22 08:27:45 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F7EF6821E330D14E3A84649A35C86217 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23338_none_0ad8784548fba2d0\smss.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014/04/05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010/11/21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013/07/06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013/11/26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2016/05/11 17:19:26 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=59EA5753EBDAE42CF92FD5B6E7AE4D53 -- C:\Windows\SysWOW64\ws2_32.dll
[2016/05/11 17:19:26 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=59EA5753EBDAE42CF92FD5B6E7AE4D53 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.23451_none_f51a458f45d91b4c\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2016/05/11 19:02:50 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=FBE1086227040618A569C27F74A12F3D -- C:\Windows\SysNative\ws2_32.dll
[2016/05/11 19:02:50 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=FBE1086227040618A569C27F74A12F3D -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.23451_none_5138e112fe368c82\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[117 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014/02/26 19:56:04 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ABBYY
[2014/02/26 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ACD Systems
[2015/01/11 10:46:03 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Adobe
[2016/05/09 14:08:28 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Ancestry
[2014/02/27 23:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\AnvSoft
[2016/01/06 01:02:37 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Apple Computer
[2014/02/27 23:00:26 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ArcSoft
[2014/02/26 16:46:08 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ATI
[2014/02/26 17:25:35 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\AVAST Software
[2016/07/07 23:15:44 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\avidemux
[2015/08/31 15:38:05 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\AVS4YOU
[2015/04/28 23:07:33 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\BitTorrent Sync
[2016/07/09 00:13:32 | 000,000,000 | -H-D | M] -- C:\Users\Bax2013\AppData\Roaming\Booking_helper
[2014/05/11 22:59:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Broad Intelligence
[2014/02/26 18:01:53 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\CadSoft
[2014/02/26 18:01:53 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\calibre
[2014/11/10 13:07:19 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Canon
[2014/02/28 18:43:54 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DAEMON Tools Pro
[2014/02/26 20:24:03 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DeepBurner
[2016/07/26 20:59:27 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DMCache
[2016/07/11 23:34:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Dropbox
[2015/07/24 17:14:20 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\dvdcss
[2016/07/06 22:47:13 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\DVDVideoSoft
[2016/05/22 17:32:02 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\eCyber
[2016/05/26 16:09:08 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Elex-tech
[2014/05/03 17:50:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\eM Client
[2016/06/30 09:35:11 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Enigma Software Group
[2015/03/09 00:08:22 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Faktury Plus
[2016/06/29 13:57:18 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Firefox
[2014/08/04 15:32:59 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\FLV and Media Player
[2014/02/26 17:33:34 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\GHISLER
[2016/07/09 00:13:31 | 000,000,000 | -H-D | M] -- C:\Users\Bax2013\AppData\Roaming\GoldenGate
[2015/03/29 14:49:22 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Goldstarway Trading
[2016/03/17 17:25:15 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Google
[2014/08/25 21:37:01 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Google.Apis.Auth
[2016/02/16 00:38:02 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Google2SRT
[2014/07/19 08:47:56 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\GrabPro
[2014/02/26 13:35:37 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Identities
[2016/07/28 22:42:12 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\IDM
[2014/07/23 22:00:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\IGC
[2014/05/13 21:10:02 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ImgBurn
[2014/02/26 13:46:29 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\InstallShield
[2016/07/23 09:27:46 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Kodi
[2015/03/08 10:53:11 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Kopsik
[2016/07/14 22:51:56 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Lavasoft
[2014/04/08 10:02:14 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\LightComp
[2014/02/26 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Macromedia
[2014/09/14 13:48:44 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Maxthon3
[2014/02/27 23:01:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\MechCAD
[2010/11/21 17:10:34 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Media Center Programs
[2016/07/04 23:47:06 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Media Player Classic
[2016/07/21 12:06:14 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Mediatronic
[2016/07/01 08:59:25 | 000,000,000 | --SD | M] -- C:\Users\Bax2013\AppData\Roaming\Microsoft
[2016/01/25 00:32:10 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Mozilla
[2016/07/02 00:47:28 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\MPC-HC
[2014/11/30 14:55:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\MPEG Streamclip
[2016/01/16 00:44:48 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\mysites123
[2014/06/23 16:33:01 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\NetBeans
[2015/05/10 16:35:32 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\NymTec
[2014/02/26 18:01:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Opera
[2014/04/15 21:20:19 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Oracle
[2016/01/15 23:35:18 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Orbit
[2014/02/27 16:35:03 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\PDF Architect
[2014/12/17 10:51:11 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\PDF Architect 2
[2015/08/09 21:37:42 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\pdfforge
[2014/07/19 08:47:58 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ProgSense
[2016/06/29 13:55:52 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\qksee
[2016/07/24 08:35:07 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Real
[2014/07/22 11:13:27 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Replay Media Catcher 5
[2014/12/18 18:33:14 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Samsung
[2014/03/05 12:46:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\ScanSoft
[2016/07/14 23:54:17 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Serviio-Console-Wrapper
[2014/02/26 18:01:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Skype
[2015/12/22 00:14:19 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Solveig Multimedia
[2016/06/19 20:21:31 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Sony
[2015/11/27 19:50:45 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Sun
[2016/06/27 16:53:31 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Swiftdata
[2015/06/19 23:01:43 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\systweak
[2016/01/16 00:55:22 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Tencent
[2014/04/20 11:58:58 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TP-LINK
[2014/02/27 23:17:38 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TreeCardGames
[2015/11/21 01:05:12 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TrueCrypt
[2014/02/26 18:52:50 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\TuneUp Software
[2016/05/26 16:10:08 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Uncheckit
[2015/01/08 17:14:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\uTorrent
[2014/02/27 23:15:46 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\VDownloader
[2014/03/03 18:25:21 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\VitySoft
[2016/07/24 23:51:33 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\vlc
[2015/02/01 12:32:51 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\VOWSoft
[2014/09/26 22:02:07 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Winamp
[2014/02/26 18:01:55 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\WinRAR
[2016/05/26 16:03:25 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\WinZiper
[2014/04/20 11:42:17 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Xirrus
[2015/08/31 15:56:23 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\XMedia Recode
[2014/08/18 14:56:38 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\XnView
[2014/03/05 12:43:42 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Zeon
[2016/01/18 17:03:54 | 000,000,000 | ---D | M] -- C:\Users\Bax2013\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2016/07/05 20:00:44 | 024,204,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2016/07/05 20:00:54 | 000,173,288 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2016/06/07 04:03:10 | 000,018,392 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\QtWebEngineProcess.exe
[2016/07/05 19:54:44 | 000,025,712 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\driver_amd64\dbxsvc.exe
[2016/07/05 19:54:44 | 000,025,200 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Users\Bax2013\AppData\Roaming\Dropbox\bin\driver_x86\dbxsvc.exe
[2015/12/08 23:36:58 | 024,952,456 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bax2013\AppData\Roaming\Dropbox\Client_3.12.5\Dropbox.exe
[2016/06/30 09:29:19 | 003,482,800 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Users\Bax2013\AppData\Roaming\Enigma Software Group\sh_installer.exe
[2015/01/16 13:22:29 | 017,983,056 | ---- | M] (ACT Forex) -- C:\Users\Bax2013\AppData\Roaming\Goldstarway Trading\APP#99D4CD3C\Fx_Client.exe
[2014/05/21 11:59:24 | 000,139,776 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Goldstarway Trading\APP#99D4CD3C\resource\txl\txl.exe
[2014/06/08 14:48:28 | 000,054,432 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Bax2013\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2015/05/08 14:50:52 | 001,799,448 | ---- | M] (Maxthon International ltd.) -- C:\Users\Bax2013\AppData\Roaming\Maxthon3\Public\MxUp\MxUp.exe
[2014/05/02 18:05:21 | 000,043,385 | R--- | M] () -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_0CE5D65C672A59FCFADCFA.exe
[2014/05/02 18:05:21 | 000,043,385 | R--- | M] () -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_112D608FD02CD87FDC7735.exe
[2014/05/02 18:05:21 | 000,032,579 | R--- | M] () -- C:\Users\Bax2013\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_853F67D554F05449430E7E.exe
[2016/06/29 13:55:58 | 002,759,364 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\qksee\update\qks_update_v3.3.22.exe
[2015/04/28 07:57:14 | 001,566,016 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2015/04/28 07:57:18 | 000,559,936 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesAgent.exe
[2015/04/28 07:57:24 | 000,277,824 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2015/04/28 07:57:20 | 000,311,616 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2015/04/28 07:51:08 | 000,173,568 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2015/04/28 07:52:44 | 000,353,792 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2015/04/28 07:51:36 | 000,700,416 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2015/04/28 07:57:26 | 000,067,904 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2015/04/28 07:57:38 | 000,065,856 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\RegisterCOM.exe
[2015/04/20 04:29:26 | 000,232,256 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AdminDelegator.exe
[2015/04/20 04:29:26 | 000,265,024 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2015/04/20 04:29:24 | 000,252,736 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2015/04/28 07:57:30 | 001,015,104 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2015/04/28 07:57:32 | 003,835,040 | ---- | M] (Freeware) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2015/04/28 07:57:36 | 000,624,448 | ---- | M] (ml) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2014/10/17 09:41:10 | 016,012,496 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2016/01/08 14:08:32 | 001,572,648 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2016/01/08 14:08:32 | 000,566,568 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2013/12/30 03:55:30 | 000,578,560 | ---- | M] (Samsung Electronics) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAirMessage.exe
[2016/01/08 14:08:36 | 000,284,456 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2016/01/08 14:08:34 | 000,318,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2016/01/08 13:36:14 | 000,173,568 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2016/01/08 13:39:34 | 000,353,792 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2016/01/08 13:37:46 | 000,700,416 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2016/01/08 14:08:38 | 000,074,536 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2016/01/08 14:08:46 | 000,072,488 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2015/06/28 22:31:48 | 000,232,256 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AdminDelegator.exe
[2015/06/28 22:31:48 | 000,304,448 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2015/06/28 22:31:48 | 000,291,648 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2016/01/08 14:08:40 | 001,021,736 | ---- | M] (Samsung) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2016/01/08 14:08:44 | 003,841,672 | ---- | M] (Freeware) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2016/01/08 14:08:44 | 000,631,080 | ---- | M] (ml) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2016/01/08 11:20:02 | 016,200,032 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2015/04/28 07:57:36 | 000,624,448 | ---- | M] (ml) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2016/01/08 14:08:44 | 000,631,080 | ---- | M] (ml) -- C:\Users\Bax2013\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2016/05/26 16:03:29 | 003,096,090 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\WinZiper\update\wzp_update_v2.2.1.exe
[2016/06/21 16:31:12 | 003,126,975 | ---- | M] () -- C:\Users\Bax2013\AppData\Roaming\WinZiper\update\wzp_update_v2.2.25.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2016/07/28 23:15:22 | 000,017,344 | ---- | M] () -- C:\Windows\system32\debug.log
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Namedate" = E:\ProgNeinst\Nezmeskaj\nezmeskej.exe s s -- [2002/07/03 19:04:24 | 000,523,776 | ---- | M] (Petr Mazánek (mazi@all4u.cz, +420608702180))
"ISUSPM Startup" = c:\progra~2\common~1\instal~1\update~1\isuspm.exe -startup -- [2005/02/16 17:15:22 | 000,221,184 | ---- | M] (InstallShield Software Corporation)
"KiesPreload" = D:\Program Files (x86)\Samsung\Kies\Kies.exe /preload -- [2016/01/08 14:08:32 | 001,572,648 | ---- | M] (Samsung)
"KiesPDLR" = D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2016/01/08 14:08:40 | 001,021,736 | ---- | M] (Samsung)
"swg" = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2014/06/17 13:48:42 | 000,039,408 | ---- | M] (Google Inc.)
"Dropbox Update" = "C:\Users\Bax2013\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c -- [2015/06/19 22:51:43 | 000,134,512 | ---- | M] (Dropbox, Inc.)
"KiesPDLR.exe" = D:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run -- [2016/01/08 14:08:40 | 001,021,736 | ---- | M] (Samsung)
"IDMan" = C:\Program Files\Internet Download Manager\IDMan.exe /onboot -- [2015/11/10 22:09:40 | 003,911,248 | ---- | M] (Tonec Inc.)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2015/12/08 21:23:58 | 008,590,760 | ---- | M] (Piriform Ltd)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2016/07/28 22:57:53 | 000,000,512 | ---- | M] () MD5=A536EC46F5A88DF934BB17EFD1FCEFAB -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2013/12/20 23:30:19 | 007,002,169 | ---- | M] () -- \+Downloads\Internet-Download-Manager-IDM-6.17-Build-11-Final-Incl-Crack.zip
[2007/10/26 21:03:14 | 000,034,964 | ---- | M] () -- \+Downloads\rarcrack-0.2.tar.bz2
[2007/10/26 21:03:14 | 000,034,964 | ---- | M] () -- \+Downloads\rarcrack-0.2.tar_2.bz2
[2014/02/28 18:15:35 | 000,152,704 | ---- | M] () -- \+Downloads\+\Internet Manager Key Crack.rar__3038_i393075388_il5189469.exe
[2007/12/17 13:13:49 | 000,034,181 | ---- | M] () -- \+Downloads\+Linky BR\+stIAHUTE\www.WarXtreme.com __ Zobraziť tému - RAR Recovery Toolbox v1.1.4.7 + crack.htm
[2007/04/03 19:13:08 | 000,015,615 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\++Dowlan Tahače\FleshGet-dowland manager\flashgetv1.73.128crackte.zip
[2007/05/19 23:05:12 | 000,324,164 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\NetLimiter\NetLimiter.Pro.v2.0.7\netlimiterprov2.0.7crackblackmagic.zip
[2008/04/22 19:24:44 | 000,000,941 | ---- | M] () -- \+Downloads\Ladenie XP\TuneUp_Utilities_2008\Ako cracknutt-stara verzia mam 2010.txt
[2012/04/13 23:50:48 | 003,795,454 | ---- | M] () -- \+Nasprac\docasne\S.K.Software.MyLanViewer.v4.9.12.Cracked-ARN_rar rec\S.K.Software.MyLanViewer.v4.9.12.Cracked-ARN.rar
< *keygen* /s >
[2012/01/15 19:07:44 | 001,421,182 | ---- | M] () -- \+Downloads\RAMDisk-4.1-Gilisoft-Software-+-Keygen.rar
[2012/01/13 13:48:36 | 000,423,936 | ---- | M] () -- \+Downloads\++Driver\SSD Tweaker Pro 2.0.1 EN\keygen.exe
[2007/12/29 09:10:56 | 000,017,545 | ---- | M] () -- \+Downloads\+Programy\+Ostatné\Salfeld Child Control 2007 v9.695\chico_MuKkY.of.UCU\child_control_keygen.exe
[2006/12/18 08:14:41 | 000,828,157 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\++Dowlan Tahače\+IP skrivanie PROXY\Hide_IP_Platinum_3.2___Keygen.zip
[2006/04/06 22:03:48 | 000,045,056 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\++Dowlan Tahače\+IP skrivanie PROXY\Hide_IP_Platinum_3.21\Hide_IP_Platinum_3.21\Hide IP Platinum 3.21\keygen.exe
[2007/04/03 19:12:54 | 000,027,203 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\++Dowlan Tahače\FleshGet-dowland manager\flashgetv1.73keygenbrd.zip
[2005/11/13 13:36:28 | 000,048,161 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\DU.Meter.v3.07.Build.200.Incl.Keymaker\DU.Meter.v3.07.Build.200.Incl.Keymaker\keygen.exe
[2007/02/19 13:16:16 | 000,102,400 | ---- | M] () -- \+Downloads\+Programy\+System\o_o\O&O softver overený VÝBER\O&O CleverCache Professional Edition v6.1.2332\O&O CleverCache Professional Edition v6.1.2332\O&O CleverCache Professional Edition v6.1.2332\KeyGen\keygen.exe
[2007/09/02 20:28:04 | 000,054,272 | ---- | M] () -- \+Downloads\+Programy\+System\o_o\O_O_FormatRecovery_4.1.1146\O&O FormatRecovery 4.1.1146\KEYGEN\keygen.exe
[2009/03/16 17:50:05 | 000,269,824 | ---- | M] () -- \+Downloads\+Programy\+System\PowerISO.v4.6.WinAll.Incl.Keygen-CRD\PowerISO.v4.6.WinAll.Incl.Keygen-CRD\keygen.exe
[2008/11/28 18:19:34 | 000,087,552 | ---- | M] () -- \+Downloads\+Programy\Kerio WinRoute Firewall 6.5.2 Build 5172\PATCH\patch-keygen.exe
[2010/11/14 00:54:57 | 000,110,592 | ---- | M] () -- \+Downloads\Ladenie XP\RamDisk\SprSpd_RmDsk_Pl_9.0.1.0\SuperSpeed RamDisk Plus v9.0.1.0 Desktop\keygen.exe
[2007/01/09 23:04:04 | 000,568,832 | ---- | M] () -- \+Nasprac\++DVD\Program\SensorsViewPro21\keygen.exe
< *AntiWPA* /s >
< *loader* /s >
[2014/01/21 21:39:09 | 000,222,184 | ---- | M] () -- \+Downloads\dfdownloader_vuwiTq_.exe
[2011/07/28 08:47:27 | 000,094,208 | ---- | M] () -- \+Downloads\eToroDownloader.exe
[2013/11/12 21:11:56 | 000,401,720 | ---- | M] () -- \+Downloads\SoftonicDownloader_for_etoro.exe
[2013/12/16 23:55:42 | 000,674,976 | ---- | M] () -- \+Downloads\++++X\Unlocker1.9.2 - CHIP Downloader.exe
[2005/06/17 22:42:14 | 000,003,095 | ---- | M] () -- \+Downloads\+++Stahovanie\SeaMonk\NvuPortable-1.0rev5.sk-SK\App\nvu\components\uriloader.xpt
[2007/12/28 19:31:34 | 000,009,927 | ---- | M] () -- \+Downloads\+Linky BR\+naSTIAHNUTIE\www.WarXtreme.com __ Zobraziť tému - Sahara (2005)_files\uploader.gif
[2008/02/18 19:58:23 | 000,007,600 | ---- | M] () -- \+Downloads\+Linky BR\+NETAHANE\Babilon 5\Warforum- Babilon 5 SoundTrack30CD_subory\war_uploader.gif
[2008/02/09 02:00:50 | 000,007,600 | ---- | M] () -- \+Downloads\+Linky BR\+NETAHANE\Harry Potter - tajomstvo zväčujúcich sa slipov (2007)\Harry Potter - tajomstvo zväčujúcich sa slipov (2007)_subory\war_uploader.gif
[2008/02/18 20:09:27 | 000,007,600 | ---- | M] () -- \+Downloads\+Linky BR\+NETAHANE\Warforum - Muž, který se postavil tankům -- The Tankman (2006) - CZ_subory\war_uploader.gif
[2007/12/08 13:58:40 | 000,009,927 | ---- | M] () -- \+Downloads\+Linky BR\+stIAHUTE\www.WarXtreme.com __ Zobraziť tému - James Bond_files\uploader.gif
[2007/12/13 17:20:28 | 000,009,927 | ---- | M] () -- \+Downloads\+Linky BR\+stIAHUTE\www.WarXtreme.com __ Zobraziť tému - NetLimiter 2.0.7 Pro_files\uploader.gif
[2007/12/17 13:13:49 | 000,009,927 | ---- | M] () -- \+Downloads\+Linky BR\+stIAHUTE\www.WarXtreme.com __ Zobraziť tému - RAR Recovery Toolbox v1.1.4.7 + crack_files\uploader.gif
[2007/12/13 01:35:55 | 000,009,927 | ---- | M] () -- \+Downloads\+Linky BR\+stIAHUTE\www.WarXtreme.com __ Zobraziť tému - RYCHLYPRACHY.CZ _všetko sem__files\uploader.gif
[2007/12/16 11:00:43 | 000,031,831 | ---- | M] () -- \+Downloads\+Linky BR\+stIAHUTE\www.WarXtreme.com __ Zobraziť tému - Zorro Of The Mask_files\Uploader.gif
[2007/12/08 13:58:48 | 000,009,927 | ---- | M] () -- \+Downloads\+Linky BR\www.WarXtreme.com __ Zobraziť tému - James Bond_files\uploader.gif
[2006/12/16 02:45:09 | 000,210,320 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\++Dowlan Tahače\+IP skrivanie PROXY\USDownloader134b8\Dimoniusis Homepage - Soft - Download Universal Share Downloader.htm
[2006/12/16 02:43:24 | 004,115,037 | ---- | M] () -- \+Downloads\+Programy\+ProgNaInternet\++Dowlan Tahače\+IP skrivanie PROXY\USDownloader134b8\USDownloader134b8.zip
[2011/12/03 22:25:01 | 061,589,441 | ---- | M] () -- \+Nasprac\docasne\++ST\Stiahnute\Nero Multimedia Suite Mini 10.5.10500 v2.by.-ded-.of.PowerUploaders.rar
[2016/03/30 11:53:42 | 000,004,782 | ---- | M] () -- \Program Files (x86)\Kodi\addons\webinterface.default\images\ajax-loader.gif
[2014/04/30 11:54:12 | 000,013,501 | ---- | M] () -- \Program Files (x86)\Kodi\system\python\Lib\unittest\loader.py
[2013/12/26 20:54:25 | 000,094,208 | ---- | M] () -- \Users\Bax2013\Desktop\eToroDownloader.exe
[2014/07/22 11:53:36 | 000,000,682 | ---- | M] () -- \Users\Bax2013\Desktop\YTD- aj z TV YouTube Downloader.lnk
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2013/06/09 13:21:17 | 000,921,647 | ---- | M] () -- \+Downloads\+++Stahovanie\Teleport-Pro-1.61-serial+čeština.rar
[2010/03/15 09:29:20 | 000,009,950 | ---- | M] () -- \+Downloads\+++Stahovanie\Teleport-Pro-1.61-serial+čeština\Teleport Pro 1.61\serial.docx
[2007/12/10 20:45:38 | 000,079,411 | ---- | M] () -- \+Downloads\+Linky BR\+NETAHANE\RAJFORUM.COM __ Zobraziť tému - Rapidshare Premium serial funkční,ale neměňte mi pořád hesla.htm
[2008/10/29 19:20:53 | 000,000,105 | ---- | M] () -- \+Downloads\+Programy\+System\o_o\O&O softver overený VÝBER\O_O_PartitionManager_Pro_2.0.474\O&O PartitionManager Pro 2.0.474\SERIAL.txt
[2009/01/18 15:08:11 | 000,000,700 | ---- | M] () -- \+Downloads\+Programy\PDFZilla v1.0.8.0+Srial\PDFZilla.Serial.rar
[2009/01/15 10:36:03 | 000,000,031 | ---- | M] () -- \+Downloads\+Programy\PDFZilla v1.0.8.0+Srial\Serial.txt
[2009/05/26 21:12:37 | 000,086,160 | ---- | M] () -- \+Nasprac\ZufaleM3\Prez\Znelky\http---serialy.info-.jpg
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 237 bytes -> C:\ProgramData\TEMP:50AE12C5
< End of report >
Re: Prosím o kontrolu CPU 100%
OTL Extras logfile created on: 28. 7. 2016 22:52:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\Bax2013\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18349)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
15,94 Gb Total Physical Memory | 6,67 Gb Available Physical Memory | 41,84% Memory free
15,96 Gb Paging File | 5,47 Gb Available in Paging File | 34,25% Paging File free
Paging file location(s): e:\pagefile.sys 16 500 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 49,85 Gb Free Space | 44,59% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 1,01 Gb Free Space | 5,16% Space Free | Partition Type: NTFS
Drive E: | 147,24 Gb Total Space | 2,61 Gb Free Space | 1,77% Space Free | Partition Type: NTFS
Drive F: | 19,53 Gb Total Space | 3,83 Gb Free Space | 19,61% Space Free | Partition Type: NTFS
Drive N: | 37,28 Gb Total Space | 1,63 Gb Free Space | 4,36% Space Free | Partition Type: NTFS
Drive O: | 37,25 Gb Total Space | 0,54 Gb Free Space | 1,45% Space Free | Partition Type: NTFS
Drive P: | 3725,90 Gb Total Space | 1387,84 Gb Free Space | 37,25% Space Free | Partition Type: NTFS
Drive R: | 2,25 Gb Total Space | 2,18 Gb Free Space | 96,97% Space Free | Partition Type: NTFS
Computer Name: BAX2013-PC | User Name: Bax2013 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- F:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 7.Manage] -- "D:\Program Files\ACD Systems\ACDSee Pro\7.0\ACDSeeQVPro7.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 7.Manage] -- "D:\Program Files\ACD Systems\ACDSee Pro\7.0\ACDSeeQVPro7.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06F3B49E-26F1-4265-B781-EDF20F5A13B5}" = lport=8643 | protocol=6 | dir=in | name=allshareframeworkdms event tcp port |
"{0B7B31F1-C06E-4826-94C5-17439DBF1FE6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{202A929D-5125-4E07-98E4-60CE13B2A5ED}" = rport=445 | protocol=6 | dir=out | app=system |
"{275F6538-9B1B-454A-9E10-664E74080E36}" = rport=139 | protocol=6 | dir=out | app=system |
"{29441DFE-E357-4DA4-B0E6-2658F7A1E037}" = lport=8612 | protocol=17 | dir=in | app=c:\program files\vuescan\vuescan.exe |
"{2E5B9A8A-4D99-4F51-B5A4-CAAA056EA657}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{315947D3-CD05-4FE3-A9F2-B9E08068C23C}" = lport=8743 | protocol=6 | dir=in | name=allshareframeworkdms action tcp port |
"{31D9597A-CF2E-4346-BDA3-09DBDE1A2211}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{39F0EB0F-5292-489A-8AC6-15A96725962C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{49A928C5-4F26-4977-9A0F-2B974700343B}" = lport=445 | protocol=6 | dir=in | app=system |
"{55F79705-D604-4D47-AF00-19DF0CE0BB27}" = rport=138 | protocol=17 | dir=out | app=system |
"{59831C6A-E1C0-42A5-B697-B94FDAD6C0B5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{59BC91B3-5508-497E-B2B6-3B33A59CC529}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63AF028F-B755-426E-8A75-1EF0EF625BFF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7039DF02-5D5E-4240-97CB-2D4A3589A072}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{704380D8-8365-4DEC-81B2-00D7432D54F7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7FDF4520-E55C-4C6E-A19C-88FD38689586}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{84782C14-7CDA-4230-840B-95105B8509D9}" = lport=138 | protocol=17 | dir=in | app=system |
"{8FBD5763-543D-4453-97F9-D33391026585}" = lport=139 | protocol=6 | dir=in | app=system |
"{91F294D1-CC85-45EE-81E4-A7C4041EBF1E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9646772B-9DDB-4B93-9E18-0BEA626CB1BB}" = lport=8612 | protocol=17 | dir=in | app=c:\program files\vuescan\vuescan.exe |
"{977091FD-1AF0-4E9C-AD89-7E6CAFEEAC9B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\vuescan\vuescan.exe |
"{A4620B95-3F14-4B3F-94A8-BABA86279E1C}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{AD2FA567-4E91-4CDD-B6DB-1FD44BE83E71}" = lport=7679 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port2 |
"{AF8C539C-9392-4474-8D46-27BEE186D80F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B5553159-D99C-43ED-80ED-E7B71A53C2F9}" = lport=7676 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port1 |
"{C9BBE2F6-8E5F-41F1-93D6-DD4A7CC73200}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CC24ED96-61D8-49BA-A662-9F5846DC2951}" = rport=137 | protocol=17 | dir=out | app=system |
"{D3D0F440-EB1A-403C-9AEA-5803BC8E1DA2}" = lport=1900 | protocol=6 | dir=in | name=upnp multicast port |
"{E9E0672D-73AF-4189-8587-AA7091D68EA7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\vuescan\vuescan.exe |
"{EA91688A-550E-4CF9-A541-09F94CC1DD2C}" = lport=7900 | protocol=6 | dir=in | name=allshareframework dms service udp port2 |
"{EBDE2539-C924-4344-80BD-EF80FB355B04}" = lport=24234 | protocol=6 | dir=in | name=allshareframework dms service udp port1 |
"{F58C3C1B-FB6C-477A-AFD7-36F9C1997B3D}" = lport=137 | protocol=17 | dir=in | app=system |
"{FCE35F24-C640-4130-8D8D-D0962E6D5DF6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F2AD09-C601-4D4D-8980-B134A3CE6B2F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0AD40A27-117D-47F7-B017-A074722DE96F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0C1515CB-AD14-4B0D-8E4E-AD5BF077B9E4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0FDEE041-AEB0-49BE-9E9E-64C64C3770EB}" = dir=in | app=d:\program files (x86)\easeus\todo backup\bin\agent.exe |
"{1225398A-8D56-429C-A35C-FB8E1E75A1D8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1D027B4B-8F70-4C62-A30C-D078D9727E31}" = protocol=17 | dir=in | app=d:\program files\serviio\console\serviioconsole.exe |
"{2227939A-395D-4262-A6BA-12F35DED5832}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{26276820-19E6-4FF5-9F12-0D855009594C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{300A999D-7643-4862-9F32-5A3A5B89075E}" = protocol=6 | dir=in | app=d:\program files (x86)\easeus\todo backup\bin\tbservice.exe |
"{326F7C45-5A90-4EF9-A4F9-13FEC35FE855}" = protocol=17 | dir=in | app=d:\program files (x86)\opera\opera.exe |
"{353F08E6-5569-48D9-A5E8-9B97759F46D6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{38032E34-99AC-4994-B9C0-E930168208C2}" = protocol=17 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.23\allshareframeworkdms.exe |
"{3A392638-501C-46DE-B941-B5C08CA8DCBB}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe |
"{3C292C29-6512-439C-B457-91DF4984E759}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{40ABFEA5-0CD5-4A66-B4E6-158618A76BA4}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe |
"{41DA49AE-F4E2-4339-8AB9-6792521822DD}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe |
"{43F387B5-2C8A-4E43-87A9-BA54A16CD65B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{44AC6927-8854-4AB5-ADEB-10E0A8ACEDCB}" = protocol=6 | dir=in | app=d:\program files (x86)\opera\opera.exe |
"{45F160B6-B782-4433-9A06-2DFE8C28A77B}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe |
"{4694AABA-2F76-48FE-AAE7-A06512A3693B}" = protocol=17 | dir=in | app=f:\program files (x86)\mozilla firefox\firefox.exe |
"{4E44757B-F4D1-4683-B4EC-1F4B2F0284CE}" = dir=in | app=c:\programdata\legpat\legpat.exe |
"{4F29CA02-5471-4B7E-B11F-9A48D520473D}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe |
"{52766049-E6B3-44E0-B105-2D4EFE673201}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{52949128-C019-4412-B06C-937B8932D24B}" = protocol=6 | dir=in | app=f:\program files (x86)\mozilla firefox\firefox.exe |
"{5598E5AF-85CD-47F1-BDB1-54B47D02736A}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe |
"{57B1918B-6C3F-4565-9FE3-839AEF51E0B1}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{66533127-6120-4580-B5B4-AA1C0FDCE67B}" = protocol=17 | dir=in | app=d:\program files\microsoft office\office14\groove.exe |
"{669C3A62-EC7C-4942-8759-0903848C81FB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{670C9426-BD0C-4CF9-9383-5E7123B789C0}" = protocol=6 | dir=in | app=d:\program files (x86)\easeus\todo backup\bin\tbconsoleui.exe |
"{70D4E365-9DA3-40C8-9358-AC02B94C9C67}" = protocol=6 | dir=in | app=d:\program files\serviio\console\serviioconsole.exe |
"{740883EF-F016-4155-ABB2-7F0EF0AF49A4}" = dir=in | app=c:\program files (x86)\firefox\bin\firefoxupdate.exe |
"{83B1B2AA-5C4E-4B53-8A29-87330529FD7C}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe |
"{859BB503-1C30-4A9B-9C4F-3E66F2F8FBB3}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe |
"{8A6B2D21-36BA-40AD-AC07-8835DDFEF396}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8F192C58-948D-416E-AE6E-F5AF72379F30}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{90C6B23C-41FC-4382-BE81-3D4C74C03D8C}" = protocol=17 | dir=in | app=d:\program files\serviio\bin\serviioservice.exe |
"{926360C7-4D4D-4A56-961D-EB68E5707636}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{9B775CBA-20C2-403A-86AB-102EC292757A}" = dir=in | app=d:\program files\zoner\photo studio 18\program32\mediaserver.exe |
"{A006003E-3377-4ED0-8084-69FC4ACFA449}" = protocol=6 | dir=in | app=d:\program files\serviio\bin\serviioservice.exe |
"{A47FEC4E-5800-4FD7-8640-DDCF834C67F5}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe |
"{B0A2627B-AD99-4A9E-BEB7-A98B0A3AD4C9}" = protocol=6 | dir=in | app=d:\program files\serviio\console\serviioconsole.exe |
"{C006AE8C-3E41-4A36-8B39-D8C490B30018}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C02D70D8-8FEC-43B9-B55A-D854F9243633}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C0BE164F-8B3B-4414-9428-BD5571FD49CB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C1D23AD3-3DC3-47EE-B641-B577106AD0E9}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{C2AD01BB-C0B3-4003-94A3-3FD1F071474C}" = protocol=6 | dir=out | app=system |
"{C45D5ECC-7429-4185-AD71-63695EB9C987}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C97BEA51-E688-4A23-8CA5-3AC6A4133D5A}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe |
"{DA8EDB56-3550-49D4-B49C-ECC22EE88C1A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DCBA1AB6-A708-4128-BDFE-A0B6AF10850A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E1461763-03C1-4D5C-8EE3-B0898CB54579}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E2FDE5E1-089B-460F-8378-FC2978F655AF}" = protocol=17 | dir=in | app=d:\program files (x86)\easeus\todo backup\bin\tbconsoleui.exe |
"{E3782E2F-09F4-400D-8918-1F02F6B08DAF}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{E7BB7775-8284-4000-BEDF-5E48C8F50308}" = protocol=17 | dir=in | app=d:\program files (x86)\ai suite ii\ai suite ii.exe |
"{F0E0125C-A34D-48E4-B633-48A791C7B3CA}" = protocol=17 | dir=in | app=d:\program files (x86)\easeus\todo backup\bin\tbservice.exe |
"{F2A2C95D-83C4-4AE2-937D-9B4EA82AA92C}" = protocol=6 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.23\allshareframeworkdms.exe |
"{F316D86D-745A-4B0A-8C4C-8D64CB289C16}" = protocol=6 | dir=in | app=d:\program files (x86)\ai suite ii\ai suite ii.exe |
"{F350238D-5F94-4815-AD2F-D61084F718F0}" = protocol=6 | dir=in | app=d:\program files\microsoft office\office14\groove.exe |
"TCP Query User{03C57FE2-1D02-4D6D-BF24-0B7719D895B8}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{083E2CE2-8A15-4B08-A82A-CF0D3182E244}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{189E98D5-3182-4D5A-A7FC-F556CA60897B}P:\program neinstall\utorrent-portable\utorrent.exe" = protocol=6 | dir=in | app=p:\program neinstall\utorrent-portable\utorrent.exe |
"TCP Query User{29993B48-553C-4246-9AA2-BEEBB54DC10B}E:\progneinst\vlc-1.1.11-win32\vlc-1.1.11\vlc.exe" = protocol=6 | dir=in | app=e:\progneinst\vlc-1.1.11-win32\vlc-1.1.11\vlc.exe |
"TCP Query User{2B106EB9-4247-4841-BB0A-A1F04D12CF6A}E:\progneinst\miranda im portable\miranda32.exe" = protocol=6 | dir=in | app=e:\progneinst\miranda im portable\miranda32.exe |
"TCP Query User{38AE1D67-25DB-4E21-8DD7-E59FB8884D74}D:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe" = protocol=6 | dir=in | app=d:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe |
"TCP Query User{3AF13E40-EC2C-4AFD-804D-8CD48385D03F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{3F0BDB80-D595-4900-8023-2DF2A63B82BC}D:\program files (x86)\ea games\need for speed most wanted\nfs13.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ea games\need for speed most wanted\nfs13.exe |
"TCP Query User{402806A2-7AAA-42CC-AA3D-7BB389E67270}C:\users\bax2013\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\bax2013\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{627E1DD4-4FE3-41FF-BB4A-6742E16F3003}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe |
"TCP Query User{6810F1BB-BB22-49C4-BC02-8300F373F106}E:\progneinst\+internet\operaportable_10.51\opera.exe" = protocol=6 | dir=in | app=e:\progneinst\+internet\operaportable_10.51\opera.exe |
"TCP Query User{6B71D8F8-9392-4029-BB36-9416C64BA546}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{7CF22018-595B-47AC-8985-860199E2DB26}D:\Program Files\Java\jre8\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=d:\program files\java\jre8\launch4j-tmp\frd.exe |
"TCP Query User{7D23C40B-330F-4454-A8E5-1982464B0151}D:\program files\java\jre8\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=d:\program files\java\jre8\launch4j-tmp\frd.exe |
"TCP Query User{86B40F1F-DF74-4E07-B244-D115E14F2A23}F:\program files (x86)\kodi\kodi.exe" = protocol=6 | dir=in | app=f:\program files (x86)\kodi\kodi.exe |
"TCP Query User{8B6A5BEF-BBE3-4ACE-BF9D-012CBC33F7A6}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{973E2A5C-4C48-4613-9A1C-24DF2724E3B6}E:\progneinst\totalcmd _totalcommander-v-7-56a\totalcmd.exe" = protocol=6 | dir=in | app=e:\progneinst\totalcmd _totalcommander-v-7-56a\totalcmd.exe |
"TCP Query User{A75AB416-1EC1-4BC8-87EE-26DF4966E787}C:\program files\java\jre1.8.0_20\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_20\launch4j-tmp\frd.exe |
"TCP Query User{BB38C0FE-9776-436C-A051-18E6DF79DB93}F:\program files (x86)\kodi\kodi.exe" = protocol=6 | dir=in | app=f:\program files (x86)\kodi\kodi.exe |
"TCP Query User{C3EDD811-AB51-4B64-853E-FDAC47B1927B}D:\users\bax2013\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=d:\users\bax2013\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{C98B1665-3CF2-4A15-9054-EAB3DD963BF5}D:\Program Files\Java\jdk1.8.0_05\bin\jmc.exe" = protocol=6 | dir=in | app=d:\program files\java\jdk1.8.0_05\bin\jmc.exe |
"TCP Query User{EC4458C7-1F57-4A28-80A8-CC5AFFE5F6AC}C:\program files\java\jre1.8.0_91\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_91\launch4j-tmp\frd.exe |
"TCP Query User{F88B36F3-16C6-458B-B81A-4333D09FA123}D:\program files (x86)\makemkv\makemkvcon64.exe" = protocol=6 | dir=in | app=d:\program files (x86)\makemkv\makemkvcon64.exe |
"UDP Query User{08420803-A611-45BB-A09C-59ABAAADB812}D:\program files (x86)\ea games\need for speed most wanted\nfs13.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ea games\need for speed most wanted\nfs13.exe |
"UDP Query User{0D06169B-A1AD-4E6F-838E-E5710C23D706}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{1DE4FD05-AC5F-4A4E-8647-A5272E165E79}D:\users\bax2013\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=d:\users\bax2013\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{2F0AC91C-7A66-464B-AAAF-C17983D08279}F:\program files (x86)\kodi\kodi.exe" = protocol=17 | dir=in | app=f:\program files (x86)\kodi\kodi.exe |
"UDP Query User{3537EC2A-B2E1-4DC9-B8D5-87B5F5782920}C:\program files\java\jre1.8.0_91\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_91\launch4j-tmp\frd.exe |
"UDP Query User{3744290F-D323-444C-86B6-12022D20F123}E:\progneinst\totalcmd _totalcommander-v-7-56a\totalcmd.exe" = protocol=17 | dir=in | app=e:\progneinst\totalcmd _totalcommander-v-7-56a\totalcmd.exe |
"UDP Query User{4385F26A-2E70-4AB5-9309-24826891A28A}D:\Program Files\Java\jre8\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=d:\program files\java\jre8\launch4j-tmp\frd.exe |
"UDP Query User{46A7338A-DB46-41BA-9FEA-AFC3537AFD72}E:\progneinst\vlc-1.1.11-win32\vlc-1.1.11\vlc.exe" = protocol=17 | dir=in | app=e:\progneinst\vlc-1.1.11-win32\vlc-1.1.11\vlc.exe |
"UDP Query User{4C157899-A743-41FB-BDC4-90BAE48A7AB2}D:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe" = protocol=17 | dir=in | app=d:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe |
"UDP Query User{58DCD512-A967-4DFA-93DF-0C7ED5C93C9F}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe |
"UDP Query User{61CC9CE6-F13B-46E9-852C-842A4C044D75}P:\program neinstall\utorrent-portable\utorrent.exe" = protocol=17 | dir=in | app=p:\program neinstall\utorrent-portable\utorrent.exe |
"UDP Query User{6A2E372D-CE0D-4C7C-A4FC-FD22D1AB2A38}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{6CBB5E0F-74BE-4EC8-9D9D-B557CDAD4C0B}E:\progneinst\+internet\operaportable_10.51\opera.exe" = protocol=17 | dir=in | app=e:\progneinst\+internet\operaportable_10.51\opera.exe |
"UDP Query User{718442AC-CF17-439B-BE7D-3DF41F261D27}C:\users\bax2013\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\bax2013\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{722F1753-A1CB-416D-9567-928628E28F70}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{8876DE91-355A-47DC-9E02-E55C4BCBDE84}D:\program files (x86)\makemkv\makemkvcon64.exe" = protocol=17 | dir=in | app=d:\program files (x86)\makemkv\makemkvcon64.exe |
"UDP Query User{AFE054DB-176E-472D-8FF6-162EB9089260}C:\program files\java\jre1.8.0_20\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_20\launch4j-tmp\frd.exe |
"UDP Query User{B7D2CACD-19FA-4CAC-A900-BB7E4E1CE70F}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{D2AE1072-C57F-4289-A0AA-963259EF68E4}D:\Program Files\Java\jdk1.8.0_05\bin\jmc.exe" = protocol=17 | dir=in | app=d:\program files\java\jdk1.8.0_05\bin\jmc.exe |
"UDP Query User{E92AEF94-DAF0-468D-8A26-BAB147DE9DC7}D:\program files\java\jre8\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=d:\program files\java\jre8\launch4j-tmp\frd.exe |
"UDP Query User{EFA8F840-98C5-4FB2-86E1-A5A226F762C4}E:\progneinst\miranda im portable\miranda32.exe" = protocol=17 | dir=in | app=e:\progneinst\miranda im portable\miranda32.exe |
"UDP Query User{F17A565F-B8A4-4A44-97F4-10B5F70AB4EF}F:\program files (x86)\kodi\kodi.exe" = protocol=17 | dir=in | app=f:\program files (x86)\kodi\kodi.exe |
"UDP Query User{FC215C3E-69A0-49C5-9330-7A8EA16DA570}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{04B83666-3A62-452B-85D3-70F8117F2329}_is1" = CamStudio 2.7.2
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86418091F0}" = Java 8 Update 91 (64-bit)
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1" = ConvertHelper 3.1.1
"{33A14ED9-0340-4193-BEDB-B95BC8196182}_is1" = SoftPerfect RAM Disk 3.4.5
"{4420E725-6083-6899-9E30-D3C80B8764D1}" = AMD Accelerated Video Transcoding
"{54F2237F-018C-483B-8884-9FC0D88840C3}" = VC_CRT_x64
"{5C05E208-456E-34D3-21E2-5E38737A3EDF}" = AMD Drag and Drop Transcoding
"{644B5296-5B22-40EE-B954-9598E2E1427E}" = Intel(R) Network Connections 18.1.59.0
"{64A3A4F4-B792-11D6-A78A-00B0D0180050}" = Java SE Development Kit 8 Update 5 (64-bit)
"{83232C27-8C3F-44A5-9EB2-BB7161228ADD}" = AllShare Framework DMS
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-041B-1000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0016-041B-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0018-041B-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0019-041B-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-001A-041B-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001B-041B-1000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040E-1000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-041B-1000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-041B-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Slovak) 2010
"{90140000-0044-041B-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-006E-041B-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-00A1-041B-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00BA-041B-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{918A2C48-E40E-4341-B9C1-A38D50213F6B}" = PaperPort Image Printer 64-bit
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE280888-6A74-5862-5033-56EDF1A28479}" = AMD Media Foundation Decoders
"{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}" = Microsoft Image Composite Editor
"{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}" = Microsoft .NET Framework 4.6.1
"{C9585D98-D6EA-FFBD-1B15-425AFEB9071C}" = ccc-utility64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = Samsung USB Driver for Mobile Phones
"{D2A6EC54-CB46-49E4-A6FC-A9179F9D9D12}" = ACDSee Pro 7 (64-bit)
"{E1602881-1D30-3AD1-719E-256841D63DAE}" = AMD Wireless Display v3.0
"{EDC0E654-60C7-758D-6B81-C8D3ACCEDEE5}" = AMD Catalyst Install Manager
"{FA00A3CC-7440-4938-A271-F186F50DD40D}" = Intel® Trusted Connect Service Client
"8474-7877-9059-0204" = Samsung Link 2.0.0.1603091618
"CCleaner" = CCleaner
"EaseUS Data Recovery Wizard 8.8_is1" = EaseUS Data Recovery Wizard 8.8
"Free Video Cutter Expert" = Free Video Cutter Expert (remove only)
"MediaCoder x64" = MediaCoder x64 0.8.45.5852
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"nbi-nb-base-8.0.0.0.201403101706" = NetBeans IDE 8.0
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PROSetDX" = Intel(R) Network Connections 18.1.59.0
"Recuva" = Recuva
"Serviio" = Serviio
"Unlocker" = Unlocker 1.9.0-x64
"VueScan x64" = VueScan x64
"WinDjView" = WinDjView 2.0.2
"ZonerPhotoStudio16_SK_is1" = Zoner Photo Studio 16
"ZonerPhotoStudio18_CZ_is1" = Zoner Photo Studio 18
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00916718-A200-75A2-E5A2-7A9930300A70}" = CCC Help Portuguese
"{04F1F77B-844D-4493-E939-BDC46F46D7C2}_is1" = 5.0.1150 CZ Free-( Win 7).zip version for Windows
"{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR
"{0B213659-97EF-2094-0C8F-6A8BC7E3D788}" = CCC Help Italian
"{0C0D528A-0D1D-94CF-1CE3-E6446C56BE36}" = CCC Help Polish
"{114B2F94-A581-56E3-07CA-423FA5AEA836}" = Catalyst Control Center InstallProxy
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{14C8CE46-C68C-461B-BCA9-E276A85851C6}" = TuneUp Utilities 2014 (en-US)
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1633CAA5-000A-DEF5-DFF8-291BF256A4D3}" = CCC Help Spanish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D66156D-D721-4B55-B08B-BDC917E8DCD0}" = ScanSoft PaperPort 11
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{253EEDA7-C876-452A-B4A0-3E853CBE9D6A}" = TogglDesktop
"{26A24AE4-039D-4CA4-87B4-2F83218091F0}" = Java 8 Update 91
"{26CB37AD-1EC1-3A9D-47A2-2EB3CBE18F4A}" = CCC Help Korean
"{27AC9FC3-9041-4CA0-B718-C0B8122D9B32}" = ScanSoft OmniPage SE 16
"{2EEEC858-21F8-419B-8FE2-820621BFFCD7}" = GetDataBack for FAT
"{2F62B244-3106-D2E6-C146-722E60AEF4B1}" = CCC Help Chinese Traditional
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}" = TP-LINK TL-WN725N_TL-WN723N Driver
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{42831FA4-7960-411E-B8E4-5D8A4F8180C2}" = Google2SRT
"{4377286A-7040-4CEA-E8C4-CA90AC6343DE}" = CCC Help French
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5AD7E7A1-5402-9C67-0DA7-133EB77A78BA}" = CCC Help Greek
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{659DCD4A-8A70-4A46-B524-4A4F7A87CB40}" = Xerox WorkCentre 6015B
"{70EEEAE5-FF92-45A7-B701-394473D19774}" = Vaše bydlení 3D v6
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{715BB51F-DC9D-EFD6-6372-FDB0EBCF2518}" = CCC Help English
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77C14E08-79D1-1986-8F3F-47113D755D33}" = CCC Help Dutch
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{817750FA-EC6A-485D-9901-0683AE6FFDF1}" = Google Earth
"{820D8513-4CF4-1C0E-D2B7-DB6DC0C184F8}" = CCC Help Hungarian
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FA601A-241A-4956-8A21-F7D525C4422F}_is1" = SSD Tweaker version 2.0.1
"{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
"{9303DE78-E872-7F2E-8358-18FABB4E2FA8}" = CCC Help Finnish
"{93293322-B694-4270-B7FE-DDE1A681ACCA}" = linguatec Voice Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C15DDDA-2225-470B-0918-AEEE294AB60E}" = Catalyst Control Center Localization All
"{A46ABD1E-2837-11E6-9E7C-005056951CAD}" = Evernote v. 6.1.2
"{A85CC7BA-760F-4B65-8E2F-640BE314F2F8}" = Advanced PDF Password Recovery
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF70000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 7.0 Professional Edition
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.16) MUI
"{B2E3DD10-2A63-07A7-2E80-1A957AD0903C}" = CCC Help Russian
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B7C61ABD-EA41-BA15-F072-58FA83BB6F72}" = CCC Help Danish
"{BBB21AB1-2C45-435D-A05A-B563072E7B9B}" = Xirrus Wi-Fi Inspector
"{BBB3C5A5-6B8E-9211-59C6-FBA953DD99A3}" = CCC Help Turkish
"{BEC7BC94-791D-2513-6537-DF43B8EF7BB1}" = Catalyst Control Center Graphics Previews Common
"{C436D7F3-3EC5-4975-92F9-978DB4594A06}_is1" = The Room verze 1.0.1
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1" = aTube Catcher verze 3.8
"{D691E998-CF53-4F6C-AC20-E4284660E0E7}" = PDF Architect 2 View Module
"{DA178EC8-DA8B-561D-6275-C1B5E4F68944}" = CCC Help Chinese Standard
"{DADFC67D-64DD-AE87-939D-C3B79C72ED90}" = CCC Help Thai
"{DD220ECF-FAD6-DF11-CF7B-BD5E6F02B063}" = CCC Help Japanese
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode version 3.2.5.5
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E62E3529-3315-9FA1-6268-37CD977BB8ED}" = CCC Help Czech
"{E8A4EDB6-90AD-BF82-514E-3FE3034F4650}" = AMD Catalyst Control Center
"{EB3BEA83-ED6F-00B8-B7AC-A865A933379D}" = CCC Help German
"{EB4C309A-8DCB-4AB6-867A-06D67C96B234}" = Image Retriever 9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FAE04C2B-091A-07BF-1CC2-1F4BD9A2567B}" = CCC Help Swedish
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}" = TuneUp Utilities 2014
"{FEEEC731-91C0-3ACE-8DF8-DEAF126AB09A}" = CCC Help Norwegian
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 4.5" = Adobe Digital Editions 4.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 22 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 22 NPAPI
"Alt-Tab Thingy™_is1" = Alt-Tab Thingy™ v4.0.4
"Avast" = Avast Free Antivirus
"Avidemux 2.6 - 64bits (64-bit)" = Avidemux 2.6 - 64bits
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 9.1
"camcodec" = CamStudio Lossless Codec v1.5
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"EaseUS Todo Backup Free 6.5_is1" = EaseUS Todo Backup Free 6.5
"Emicsoft MKV Converter_is1" = Emicsoft MKV Converter
"ESET Online Scanner" = ESET Online Scanner v3
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate
"Goldstarway Trading" = Goldstarway Trading (remove only)
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"Chrome Privacy Protector" = Chrome Privacy Protector
"IDM Patch 6.25 build 03" = IDM Patch 6.25 build 03
"ImgBurn" = ImgBurn
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{659DCD4A-8A70-4A46-B524-4A4F7A87CB40}" = Xerox WorkCentre 6015B
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Internet Download Manager" = Internet Download Manager
"iSafe" = YAC(Yet Another Cleaner!)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 10.3.0
"MagniDriver" = marvell 91xx driver
"MakeMKV" = MakeMKV v1.8.10
"Maxthon3" = Maxthon Cloud Browser
"MKVToolNix" = MKVToolNix 9.3.1 (64bit)
"Mozilla Firefox 47.0.1 (x86 sk)" = Mozilla Firefox 47.0.1 (x86 sk)
"Opera 12.17.1863" = Opera 12.17
"Osmo4" = Osmo4/GPAC (remove only)
"PDF Architect 2" = PDF Architect 2
"Plus500" = Plus500
"PS3 Media Server" = PS3 Media Server
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"SafeZone 1.48.2066.101" = SafeZone Stable 1.48.2066.101
"SeaMonkey 2.40 (x86 sk)" = SeaMonkey 2.40 (x86 sk)
"SolveigMM AVI Trimmer 2.1.1307.29" = SolveigMM AVI Trimmer
"TrueCrypt" = TrueCrypt
"TuneUp Utilities" = TuneUp Utilities 2014
"UFS Explorer Standard Recovery (version 4)_is1" = UFS Explorer Standard Recovery, version 4.9.2
"Vegas Pro 13.0 (64-bit)" = Vegas Pro 13.0 (64-bit)
"VLC media player" = VLC media player
"WinPcapInst" = WinPcap 4.1.3
"WinRAR archiver" = WinRAR 5.31 (32-bitová verzia)
"yBook_is1" = yBook
"YTD_Pepak" = YTD (pepak)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Kodi" = Kodi
"MyFreeCodec" = MyFreeCodec
"Wooky" = Wooky 3.0.0.9
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22. 7. 2016 6:08:55 | Computer Name = Bax2013-PC | Source = ThreadLib | ID = 0
Description =
Error - 22. 7. 2016 6:59:37 | Computer Name = Bax2013-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: plugin-container.exe, verzia: 47.0.1.6018,
časová značka: 0x576c9637 Názov chybového modulu: mozglue.dll, verzia: 47.0.1.6018,
časová značka: 0x576c85ba Kód výnimky: 0x80000003 Odstup chyby: 0x0000f02b Identifikácia
chybného procesu: 0x23cc Čas spustenia chybnej aplikácie: 0x01d1e106552c21c4 Cesta
chybnej aplikácie: F:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Cesta
chybného modulu: F:\Program Files (x86)\Mozilla Firefox\mozglue.dll Identifikácia
hlásenia: 60e34556-4ffb-11e6-aacb-ac220bcde10c
Error - 22. 7. 2016 17:09:35 | Computer Name = Bax2013-PC | Source = WinMgmt | ID = 10
Description =
Error - 24. 7. 2016 2:28:15 | Computer Name = Bax2013-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 24. 7. 2016 2:28:15 | Computer Name = Bax2013-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 24. 7. 2016 16:09:23 | Computer Name = Bax2013-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: plugin-container.exe, verzia: 47.0.1.6018,
časová značka: 0x576c9637 Názov chybového modulu: mozglue.dll, verzia: 47.0.1.6018,
časová značka: 0x576c85ba Kód výnimky: 0x80000003 Odstup chyby: 0x0000f02b Identifikácia
chybného procesu: 0x2734 Čas spustenia chybnej aplikácie: 0x01d1e51dc3be2ccf Cesta
chybnej aplikácie: F:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Cesta
chybného modulu: F:\Program Files (x86)\Mozilla Firefox\mozglue.dll Identifikácia
hlásenia: 82c50d7e-51da-11e6-99f5-ac220bcde10c
Error - 26. 7. 2016 15:00:58 | Computer Name = Bax2013-PC | Source = WinMgmt | ID = 10
Description =
Error - 26. 7. 2016 15:30:51 | Computer Name = Bax2013-PC | Source = MsiInstaller | ID = 11706
Description =
Error - 26. 7. 2016 15:31:02 | Computer Name = Bax2013-PC | Source = MsiInstaller | ID = 11706
Description =
Error - 26. 7. 2016 15:31:14 | Computer Name = Bax2013-PC | Source = MsiInstaller | ID = 11706
Description =
[ Media Center Events ]
Error - 16. 2. 2016 7:00:02 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 12:00:02 - Chyba pripájania na Internet. 12:00:02 - Nebolo možné
spojiť sa so serverom..
Error - 16. 2. 2016 7:00:09 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 12:00:07 - Chyba pripájania na Internet. 12:00:07 - Nebolo možné
spojiť sa so serverom..
Error - 17. 2. 2016 16:28:09 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 21:28:09 - Chyba pripájania na Internet. 21:28:09 - Nebolo možné
spojiť sa so serverom..
Error - 17. 2. 2016 16:28:16 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 21:28:14 - Chyba pripájania na Internet. 21:28:14 - Nebolo možné
spojiť sa so serverom..
Error - 18. 2. 2016 16:36:57 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 21:36:57 - Chyba pripájania na Internet. 21:36:57 - Nebolo možné
spojiť sa so serverom..
Error - 18. 2. 2016 16:37:02 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 21:37:02 - Chyba pripájania na Internet. 21:37:02 - Nebolo možné
spojiť sa so serverom..
Error - 23. 2. 2016 3:29:36 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 8:29:35 - Chyba pripájania na Internet. 8:29:35 - Nebolo možné
spojiť sa so serverom..
Error - 28. 2. 2016 13:27:11 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 18:27:11 - Chyba pripájania na Internet. 18:27:11 - Nebolo možné
spojiť sa so serverom..
Error - 26. 7. 2016 11:01:13 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 17:01:13 - Chyba pripájania na Internet. 17:01:13 - Nebolo možné
spojiť sa so serverom..
Error - 26. 7. 2016 14:58:12 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 20:58:12 - Chyba pripájania na Internet. 20:58:12 - Nebolo možné
spojiť sa so serverom..
[ System Events ]
Error - 22. 7. 2016 19:12:39 | Computer Name = Bax2013-PC | Source = Service Control Manager | ID = 7034
Description = Služba Serviio sa neočakávane ukončila. Služba sa týmto spôsobom ukončila
už 1-krát.
Error - 26. 7. 2016 15:00:47 | Computer Name = Bax2013-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 20:59:06 on ?26. ?7. ?2016 was unexpected.
Error - 26. 7. 2016 15:00:50 | Computer Name = Bax2013-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby cktSvc zlyhalo kvôli nasledujúcej chybe: %%2
Error - 26. 7. 2016 15:01:13 | Computer Name = Bax2013-PC | Source = DCOM | ID = 10001
Description =
Error - 26. 7. 2016 15:01:14 | Computer Name = Bax2013-PC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: GsRamDsk
Error - 26. 7. 2016 15:08:55 | Computer Name = Bax2013-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort2.
Error - 26. 7. 2016 16:32:44 | Computer Name = Bax2013-PC | Source = Service Control Manager | ID = 7031
Description = Služba Avast Antivirus sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.
Error - 26. 7. 2016 16:40:53 | Computer Name = Bax2013-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort2.
Error - 26. 7. 2016 17:06:17 | Computer Name = Bax2013-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 70.
Error - 28. 7. 2016 3:53:53 | Computer Name = Bax2013-PC | Source = Service Control Manager | ID = 7011
Description = Počas čakania na odpoveď transakcie od služby ShellHWDetection bol
dosiahnutý časový limit (30000 ms).
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\Bax2013\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18349)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
15,94 Gb Total Physical Memory | 6,67 Gb Available Physical Memory | 41,84% Memory free
15,96 Gb Paging File | 5,47 Gb Available in Paging File | 34,25% Paging File free
Paging file location(s): e:\pagefile.sys 16 500 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 49,85 Gb Free Space | 44,59% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 1,01 Gb Free Space | 5,16% Space Free | Partition Type: NTFS
Drive E: | 147,24 Gb Total Space | 2,61 Gb Free Space | 1,77% Space Free | Partition Type: NTFS
Drive F: | 19,53 Gb Total Space | 3,83 Gb Free Space | 19,61% Space Free | Partition Type: NTFS
Drive N: | 37,28 Gb Total Space | 1,63 Gb Free Space | 4,36% Space Free | Partition Type: NTFS
Drive O: | 37,25 Gb Total Space | 0,54 Gb Free Space | 1,45% Space Free | Partition Type: NTFS
Drive P: | 3725,90 Gb Total Space | 1387,84 Gb Free Space | 37,25% Space Free | Partition Type: NTFS
Drive R: | 2,25 Gb Total Space | 2,18 Gb Free Space | 96,97% Space Free | Partition Type: NTFS
Computer Name: BAX2013-PC | User Name: Bax2013 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- F:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 7.Manage] -- "D:\Program Files\ACD Systems\ACDSee Pro\7.0\ACDSeeQVPro7.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 7.Manage] -- "D:\Program Files\ACD Systems\ACDSee Pro\7.0\ACDSeeQVPro7.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06F3B49E-26F1-4265-B781-EDF20F5A13B5}" = lport=8643 | protocol=6 | dir=in | name=allshareframeworkdms event tcp port |
"{0B7B31F1-C06E-4826-94C5-17439DBF1FE6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{202A929D-5125-4E07-98E4-60CE13B2A5ED}" = rport=445 | protocol=6 | dir=out | app=system |
"{275F6538-9B1B-454A-9E10-664E74080E36}" = rport=139 | protocol=6 | dir=out | app=system |
"{29441DFE-E357-4DA4-B0E6-2658F7A1E037}" = lport=8612 | protocol=17 | dir=in | app=c:\program files\vuescan\vuescan.exe |
"{2E5B9A8A-4D99-4F51-B5A4-CAAA056EA657}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{315947D3-CD05-4FE3-A9F2-B9E08068C23C}" = lport=8743 | protocol=6 | dir=in | name=allshareframeworkdms action tcp port |
"{31D9597A-CF2E-4346-BDA3-09DBDE1A2211}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{39F0EB0F-5292-489A-8AC6-15A96725962C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{49A928C5-4F26-4977-9A0F-2B974700343B}" = lport=445 | protocol=6 | dir=in | app=system |
"{55F79705-D604-4D47-AF00-19DF0CE0BB27}" = rport=138 | protocol=17 | dir=out | app=system |
"{59831C6A-E1C0-42A5-B697-B94FDAD6C0B5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{59BC91B3-5508-497E-B2B6-3B33A59CC529}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63AF028F-B755-426E-8A75-1EF0EF625BFF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7039DF02-5D5E-4240-97CB-2D4A3589A072}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{704380D8-8365-4DEC-81B2-00D7432D54F7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7FDF4520-E55C-4C6E-A19C-88FD38689586}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{84782C14-7CDA-4230-840B-95105B8509D9}" = lport=138 | protocol=17 | dir=in | app=system |
"{8FBD5763-543D-4453-97F9-D33391026585}" = lport=139 | protocol=6 | dir=in | app=system |
"{91F294D1-CC85-45EE-81E4-A7C4041EBF1E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9646772B-9DDB-4B93-9E18-0BEA626CB1BB}" = lport=8612 | protocol=17 | dir=in | app=c:\program files\vuescan\vuescan.exe |
"{977091FD-1AF0-4E9C-AD89-7E6CAFEEAC9B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\vuescan\vuescan.exe |
"{A4620B95-3F14-4B3F-94A8-BABA86279E1C}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{AD2FA567-4E91-4CDD-B6DB-1FD44BE83E71}" = lport=7679 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port2 |
"{AF8C539C-9392-4474-8D46-27BEE186D80F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B5553159-D99C-43ED-80ED-E7B71A53C2F9}" = lport=7676 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port1 |
"{C9BBE2F6-8E5F-41F1-93D6-DD4A7CC73200}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CC24ED96-61D8-49BA-A662-9F5846DC2951}" = rport=137 | protocol=17 | dir=out | app=system |
"{D3D0F440-EB1A-403C-9AEA-5803BC8E1DA2}" = lport=1900 | protocol=6 | dir=in | name=upnp multicast port |
"{E9E0672D-73AF-4189-8587-AA7091D68EA7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\vuescan\vuescan.exe |
"{EA91688A-550E-4CF9-A541-09F94CC1DD2C}" = lport=7900 | protocol=6 | dir=in | name=allshareframework dms service udp port2 |
"{EBDE2539-C924-4344-80BD-EF80FB355B04}" = lport=24234 | protocol=6 | dir=in | name=allshareframework dms service udp port1 |
"{F58C3C1B-FB6C-477A-AFD7-36F9C1997B3D}" = lport=137 | protocol=17 | dir=in | app=system |
"{FCE35F24-C640-4130-8D8D-D0962E6D5DF6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F2AD09-C601-4D4D-8980-B134A3CE6B2F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0AD40A27-117D-47F7-B017-A074722DE96F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0C1515CB-AD14-4B0D-8E4E-AD5BF077B9E4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0FDEE041-AEB0-49BE-9E9E-64C64C3770EB}" = dir=in | app=d:\program files (x86)\easeus\todo backup\bin\agent.exe |
"{1225398A-8D56-429C-A35C-FB8E1E75A1D8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1D027B4B-8F70-4C62-A30C-D078D9727E31}" = protocol=17 | dir=in | app=d:\program files\serviio\console\serviioconsole.exe |
"{2227939A-395D-4262-A6BA-12F35DED5832}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{26276820-19E6-4FF5-9F12-0D855009594C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{300A999D-7643-4862-9F32-5A3A5B89075E}" = protocol=6 | dir=in | app=d:\program files (x86)\easeus\todo backup\bin\tbservice.exe |
"{326F7C45-5A90-4EF9-A4F9-13FEC35FE855}" = protocol=17 | dir=in | app=d:\program files (x86)\opera\opera.exe |
"{353F08E6-5569-48D9-A5E8-9B97759F46D6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{38032E34-99AC-4994-B9C0-E930168208C2}" = protocol=17 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.23\allshareframeworkdms.exe |
"{3A392638-501C-46DE-B941-B5C08CA8DCBB}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe |
"{3C292C29-6512-439C-B457-91DF4984E759}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{40ABFEA5-0CD5-4A66-B4E6-158618A76BA4}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe |
"{41DA49AE-F4E2-4339-8AB9-6792521822DD}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe |
"{43F387B5-2C8A-4E43-87A9-BA54A16CD65B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{44AC6927-8854-4AB5-ADEB-10E0A8ACEDCB}" = protocol=6 | dir=in | app=d:\program files (x86)\opera\opera.exe |
"{45F160B6-B782-4433-9A06-2DFE8C28A77B}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe |
"{4694AABA-2F76-48FE-AAE7-A06512A3693B}" = protocol=17 | dir=in | app=f:\program files (x86)\mozilla firefox\firefox.exe |
"{4E44757B-F4D1-4683-B4EC-1F4B2F0284CE}" = dir=in | app=c:\programdata\legpat\legpat.exe |
"{4F29CA02-5471-4B7E-B11F-9A48D520473D}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe |
"{52766049-E6B3-44E0-B105-2D4EFE673201}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{52949128-C019-4412-B06C-937B8932D24B}" = protocol=6 | dir=in | app=f:\program files (x86)\mozilla firefox\firefox.exe |
"{5598E5AF-85CD-47F1-BDB1-54B47D02736A}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe |
"{57B1918B-6C3F-4565-9FE3-839AEF51E0B1}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{66533127-6120-4580-B5B4-AA1C0FDCE67B}" = protocol=17 | dir=in | app=d:\program files\microsoft office\office14\groove.exe |
"{669C3A62-EC7C-4942-8759-0903848C81FB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{670C9426-BD0C-4CF9-9383-5E7123B789C0}" = protocol=6 | dir=in | app=d:\program files (x86)\easeus\todo backup\bin\tbconsoleui.exe |
"{70D4E365-9DA3-40C8-9358-AC02B94C9C67}" = protocol=6 | dir=in | app=d:\program files\serviio\console\serviioconsole.exe |
"{740883EF-F016-4155-ABB2-7F0EF0AF49A4}" = dir=in | app=c:\program files (x86)\firefox\bin\firefoxupdate.exe |
"{83B1B2AA-5C4E-4B53-8A29-87330529FD7C}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe |
"{859BB503-1C30-4A9B-9C4F-3E66F2F8FBB3}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe |
"{8A6B2D21-36BA-40AD-AC07-8835DDFEF396}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8F192C58-948D-416E-AE6E-F5AF72379F30}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{90C6B23C-41FC-4382-BE81-3D4C74C03D8C}" = protocol=17 | dir=in | app=d:\program files\serviio\bin\serviioservice.exe |
"{926360C7-4D4D-4A56-961D-EB68E5707636}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{9B775CBA-20C2-403A-86AB-102EC292757A}" = dir=in | app=d:\program files\zoner\photo studio 18\program32\mediaserver.exe |
"{A006003E-3377-4ED0-8084-69FC4ACFA449}" = protocol=6 | dir=in | app=d:\program files\serviio\bin\serviioservice.exe |
"{A47FEC4E-5800-4FD7-8640-DDCF834C67F5}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe |
"{B0A2627B-AD99-4A9E-BEB7-A98B0A3AD4C9}" = protocol=6 | dir=in | app=d:\program files\serviio\console\serviioconsole.exe |
"{C006AE8C-3E41-4A36-8B39-D8C490B30018}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C02D70D8-8FEC-43B9-B55A-D854F9243633}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C0BE164F-8B3B-4414-9428-BD5571FD49CB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C1D23AD3-3DC3-47EE-B641-B577106AD0E9}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{C2AD01BB-C0B3-4003-94A3-3FD1F071474C}" = protocol=6 | dir=out | app=system |
"{C45D5ECC-7429-4185-AD71-63695EB9C987}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C97BEA51-E688-4A23-8CA5-3AC6A4133D5A}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe |
"{DA8EDB56-3550-49D4-B49C-ECC22EE88C1A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DCBA1AB6-A708-4128-BDFE-A0B6AF10850A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E1461763-03C1-4D5C-8EE3-B0898CB54579}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E2FDE5E1-089B-460F-8378-FC2978F655AF}" = protocol=17 | dir=in | app=d:\program files (x86)\easeus\todo backup\bin\tbconsoleui.exe |
"{E3782E2F-09F4-400D-8918-1F02F6B08DAF}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{E7BB7775-8284-4000-BEDF-5E48C8F50308}" = protocol=17 | dir=in | app=d:\program files (x86)\ai suite ii\ai suite ii.exe |
"{F0E0125C-A34D-48E4-B633-48A791C7B3CA}" = protocol=17 | dir=in | app=d:\program files (x86)\easeus\todo backup\bin\tbservice.exe |
"{F2A2C95D-83C4-4AE2-937D-9B4EA82AA92C}" = protocol=6 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.23\allshareframeworkdms.exe |
"{F316D86D-745A-4B0A-8C4C-8D64CB289C16}" = protocol=6 | dir=in | app=d:\program files (x86)\ai suite ii\ai suite ii.exe |
"{F350238D-5F94-4815-AD2F-D61084F718F0}" = protocol=6 | dir=in | app=d:\program files\microsoft office\office14\groove.exe |
"TCP Query User{03C57FE2-1D02-4D6D-BF24-0B7719D895B8}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{083E2CE2-8A15-4B08-A82A-CF0D3182E244}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{189E98D5-3182-4D5A-A7FC-F556CA60897B}P:\program neinstall\utorrent-portable\utorrent.exe" = protocol=6 | dir=in | app=p:\program neinstall\utorrent-portable\utorrent.exe |
"TCP Query User{29993B48-553C-4246-9AA2-BEEBB54DC10B}E:\progneinst\vlc-1.1.11-win32\vlc-1.1.11\vlc.exe" = protocol=6 | dir=in | app=e:\progneinst\vlc-1.1.11-win32\vlc-1.1.11\vlc.exe |
"TCP Query User{2B106EB9-4247-4841-BB0A-A1F04D12CF6A}E:\progneinst\miranda im portable\miranda32.exe" = protocol=6 | dir=in | app=e:\progneinst\miranda im portable\miranda32.exe |
"TCP Query User{38AE1D67-25DB-4E21-8DD7-E59FB8884D74}D:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe" = protocol=6 | dir=in | app=d:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe |
"TCP Query User{3AF13E40-EC2C-4AFD-804D-8CD48385D03F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{3F0BDB80-D595-4900-8023-2DF2A63B82BC}D:\program files (x86)\ea games\need for speed most wanted\nfs13.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ea games\need for speed most wanted\nfs13.exe |
"TCP Query User{402806A2-7AAA-42CC-AA3D-7BB389E67270}C:\users\bax2013\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\bax2013\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{627E1DD4-4FE3-41FF-BB4A-6742E16F3003}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe |
"TCP Query User{6810F1BB-BB22-49C4-BC02-8300F373F106}E:\progneinst\+internet\operaportable_10.51\opera.exe" = protocol=6 | dir=in | app=e:\progneinst\+internet\operaportable_10.51\opera.exe |
"TCP Query User{6B71D8F8-9392-4029-BB36-9416C64BA546}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{7CF22018-595B-47AC-8985-860199E2DB26}D:\Program Files\Java\jre8\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=d:\program files\java\jre8\launch4j-tmp\frd.exe |
"TCP Query User{7D23C40B-330F-4454-A8E5-1982464B0151}D:\program files\java\jre8\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=d:\program files\java\jre8\launch4j-tmp\frd.exe |
"TCP Query User{86B40F1F-DF74-4E07-B244-D115E14F2A23}F:\program files (x86)\kodi\kodi.exe" = protocol=6 | dir=in | app=f:\program files (x86)\kodi\kodi.exe |
"TCP Query User{8B6A5BEF-BBE3-4ACE-BF9D-012CBC33F7A6}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{973E2A5C-4C48-4613-9A1C-24DF2724E3B6}E:\progneinst\totalcmd _totalcommander-v-7-56a\totalcmd.exe" = protocol=6 | dir=in | app=e:\progneinst\totalcmd _totalcommander-v-7-56a\totalcmd.exe |
"TCP Query User{A75AB416-1EC1-4BC8-87EE-26DF4966E787}C:\program files\java\jre1.8.0_20\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_20\launch4j-tmp\frd.exe |
"TCP Query User{BB38C0FE-9776-436C-A051-18E6DF79DB93}F:\program files (x86)\kodi\kodi.exe" = protocol=6 | dir=in | app=f:\program files (x86)\kodi\kodi.exe |
"TCP Query User{C3EDD811-AB51-4B64-853E-FDAC47B1927B}D:\users\bax2013\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=d:\users\bax2013\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{C98B1665-3CF2-4A15-9054-EAB3DD963BF5}D:\Program Files\Java\jdk1.8.0_05\bin\jmc.exe" = protocol=6 | dir=in | app=d:\program files\java\jdk1.8.0_05\bin\jmc.exe |
"TCP Query User{EC4458C7-1F57-4A28-80A8-CC5AFFE5F6AC}C:\program files\java\jre1.8.0_91\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_91\launch4j-tmp\frd.exe |
"TCP Query User{F88B36F3-16C6-458B-B81A-4333D09FA123}D:\program files (x86)\makemkv\makemkvcon64.exe" = protocol=6 | dir=in | app=d:\program files (x86)\makemkv\makemkvcon64.exe |
"UDP Query User{08420803-A611-45BB-A09C-59ABAAADB812}D:\program files (x86)\ea games\need for speed most wanted\nfs13.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ea games\need for speed most wanted\nfs13.exe |
"UDP Query User{0D06169B-A1AD-4E6F-838E-E5710C23D706}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{1DE4FD05-AC5F-4A4E-8647-A5272E165E79}D:\users\bax2013\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=d:\users\bax2013\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{2F0AC91C-7A66-464B-AAAF-C17983D08279}F:\program files (x86)\kodi\kodi.exe" = protocol=17 | dir=in | app=f:\program files (x86)\kodi\kodi.exe |
"UDP Query User{3537EC2A-B2E1-4DC9-B8D5-87B5F5782920}C:\program files\java\jre1.8.0_91\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_91\launch4j-tmp\frd.exe |
"UDP Query User{3744290F-D323-444C-86B6-12022D20F123}E:\progneinst\totalcmd _totalcommander-v-7-56a\totalcmd.exe" = protocol=17 | dir=in | app=e:\progneinst\totalcmd _totalcommander-v-7-56a\totalcmd.exe |
"UDP Query User{4385F26A-2E70-4AB5-9309-24826891A28A}D:\Program Files\Java\jre8\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=d:\program files\java\jre8\launch4j-tmp\frd.exe |
"UDP Query User{46A7338A-DB46-41BA-9FEA-AFC3537AFD72}E:\progneinst\vlc-1.1.11-win32\vlc-1.1.11\vlc.exe" = protocol=17 | dir=in | app=e:\progneinst\vlc-1.1.11-win32\vlc-1.1.11\vlc.exe |
"UDP Query User{4C157899-A743-41FB-BDC4-90BAE48A7AB2}D:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe" = protocol=17 | dir=in | app=d:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe |
"UDP Query User{58DCD512-A967-4DFA-93DF-0C7ED5C93C9F}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe |
"UDP Query User{61CC9CE6-F13B-46E9-852C-842A4C044D75}P:\program neinstall\utorrent-portable\utorrent.exe" = protocol=17 | dir=in | app=p:\program neinstall\utorrent-portable\utorrent.exe |
"UDP Query User{6A2E372D-CE0D-4C7C-A4FC-FD22D1AB2A38}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{6CBB5E0F-74BE-4EC8-9D9D-B557CDAD4C0B}E:\progneinst\+internet\operaportable_10.51\opera.exe" = protocol=17 | dir=in | app=e:\progneinst\+internet\operaportable_10.51\opera.exe |
"UDP Query User{718442AC-CF17-439B-BE7D-3DF41F261D27}C:\users\bax2013\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\bax2013\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{722F1753-A1CB-416D-9567-928628E28F70}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{8876DE91-355A-47DC-9E02-E55C4BCBDE84}D:\program files (x86)\makemkv\makemkvcon64.exe" = protocol=17 | dir=in | app=d:\program files (x86)\makemkv\makemkvcon64.exe |
"UDP Query User{AFE054DB-176E-472D-8FF6-162EB9089260}C:\program files\java\jre1.8.0_20\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_20\launch4j-tmp\frd.exe |
"UDP Query User{B7D2CACD-19FA-4CAC-A900-BB7E4E1CE70F}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{D2AE1072-C57F-4289-A0AA-963259EF68E4}D:\Program Files\Java\jdk1.8.0_05\bin\jmc.exe" = protocol=17 | dir=in | app=d:\program files\java\jdk1.8.0_05\bin\jmc.exe |
"UDP Query User{E92AEF94-DAF0-468D-8A26-BAB147DE9DC7}D:\program files\java\jre8\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=d:\program files\java\jre8\launch4j-tmp\frd.exe |
"UDP Query User{EFA8F840-98C5-4FB2-86E1-A5A226F762C4}E:\progneinst\miranda im portable\miranda32.exe" = protocol=17 | dir=in | app=e:\progneinst\miranda im portable\miranda32.exe |
"UDP Query User{F17A565F-B8A4-4A44-97F4-10B5F70AB4EF}F:\program files (x86)\kodi\kodi.exe" = protocol=17 | dir=in | app=f:\program files (x86)\kodi\kodi.exe |
"UDP Query User{FC215C3E-69A0-49C5-9330-7A8EA16DA570}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{04B83666-3A62-452B-85D3-70F8117F2329}_is1" = CamStudio 2.7.2
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86418091F0}" = Java 8 Update 91 (64-bit)
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1" = ConvertHelper 3.1.1
"{33A14ED9-0340-4193-BEDB-B95BC8196182}_is1" = SoftPerfect RAM Disk 3.4.5
"{4420E725-6083-6899-9E30-D3C80B8764D1}" = AMD Accelerated Video Transcoding
"{54F2237F-018C-483B-8884-9FC0D88840C3}" = VC_CRT_x64
"{5C05E208-456E-34D3-21E2-5E38737A3EDF}" = AMD Drag and Drop Transcoding
"{644B5296-5B22-40EE-B954-9598E2E1427E}" = Intel(R) Network Connections 18.1.59.0
"{64A3A4F4-B792-11D6-A78A-00B0D0180050}" = Java SE Development Kit 8 Update 5 (64-bit)
"{83232C27-8C3F-44A5-9EB2-BB7161228ADD}" = AllShare Framework DMS
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-041B-1000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0016-041B-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0018-041B-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0019-041B-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-001A-041B-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001B-041B-1000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040E-1000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-041B-1000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-041B-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Slovak) 2010
"{90140000-0044-041B-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-006E-041B-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-00A1-041B-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00BA-041B-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{918A2C48-E40E-4341-B9C1-A38D50213F6B}" = PaperPort Image Printer 64-bit
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE280888-6A74-5862-5033-56EDF1A28479}" = AMD Media Foundation Decoders
"{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}" = Microsoft Image Composite Editor
"{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}" = Microsoft .NET Framework 4.6.1
"{C9585D98-D6EA-FFBD-1B15-425AFEB9071C}" = ccc-utility64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = Samsung USB Driver for Mobile Phones
"{D2A6EC54-CB46-49E4-A6FC-A9179F9D9D12}" = ACDSee Pro 7 (64-bit)
"{E1602881-1D30-3AD1-719E-256841D63DAE}" = AMD Wireless Display v3.0
"{EDC0E654-60C7-758D-6B81-C8D3ACCEDEE5}" = AMD Catalyst Install Manager
"{FA00A3CC-7440-4938-A271-F186F50DD40D}" = Intel® Trusted Connect Service Client
"8474-7877-9059-0204" = Samsung Link 2.0.0.1603091618
"CCleaner" = CCleaner
"EaseUS Data Recovery Wizard 8.8_is1" = EaseUS Data Recovery Wizard 8.8
"Free Video Cutter Expert" = Free Video Cutter Expert (remove only)
"MediaCoder x64" = MediaCoder x64 0.8.45.5852
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"nbi-nb-base-8.0.0.0.201403101706" = NetBeans IDE 8.0
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PROSetDX" = Intel(R) Network Connections 18.1.59.0
"Recuva" = Recuva
"Serviio" = Serviio
"Unlocker" = Unlocker 1.9.0-x64
"VueScan x64" = VueScan x64
"WinDjView" = WinDjView 2.0.2
"ZonerPhotoStudio16_SK_is1" = Zoner Photo Studio 16
"ZonerPhotoStudio18_CZ_is1" = Zoner Photo Studio 18
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00916718-A200-75A2-E5A2-7A9930300A70}" = CCC Help Portuguese
"{04F1F77B-844D-4493-E939-BDC46F46D7C2}_is1" = 5.0.1150 CZ Free-( Win 7).zip version for Windows
"{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR
"{0B213659-97EF-2094-0C8F-6A8BC7E3D788}" = CCC Help Italian
"{0C0D528A-0D1D-94CF-1CE3-E6446C56BE36}" = CCC Help Polish
"{114B2F94-A581-56E3-07CA-423FA5AEA836}" = Catalyst Control Center InstallProxy
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{14C8CE46-C68C-461B-BCA9-E276A85851C6}" = TuneUp Utilities 2014 (en-US)
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1633CAA5-000A-DEF5-DFF8-291BF256A4D3}" = CCC Help Spanish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D66156D-D721-4B55-B08B-BDC917E8DCD0}" = ScanSoft PaperPort 11
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{253EEDA7-C876-452A-B4A0-3E853CBE9D6A}" = TogglDesktop
"{26A24AE4-039D-4CA4-87B4-2F83218091F0}" = Java 8 Update 91
"{26CB37AD-1EC1-3A9D-47A2-2EB3CBE18F4A}" = CCC Help Korean
"{27AC9FC3-9041-4CA0-B718-C0B8122D9B32}" = ScanSoft OmniPage SE 16
"{2EEEC858-21F8-419B-8FE2-820621BFFCD7}" = GetDataBack for FAT
"{2F62B244-3106-D2E6-C146-722E60AEF4B1}" = CCC Help Chinese Traditional
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}" = TP-LINK TL-WN725N_TL-WN723N Driver
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{42831FA4-7960-411E-B8E4-5D8A4F8180C2}" = Google2SRT
"{4377286A-7040-4CEA-E8C4-CA90AC6343DE}" = CCC Help French
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5AD7E7A1-5402-9C67-0DA7-133EB77A78BA}" = CCC Help Greek
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{659DCD4A-8A70-4A46-B524-4A4F7A87CB40}" = Xerox WorkCentre 6015B
"{70EEEAE5-FF92-45A7-B701-394473D19774}" = Vaše bydlení 3D v6
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{715BB51F-DC9D-EFD6-6372-FDB0EBCF2518}" = CCC Help English
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77C14E08-79D1-1986-8F3F-47113D755D33}" = CCC Help Dutch
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{817750FA-EC6A-485D-9901-0683AE6FFDF1}" = Google Earth
"{820D8513-4CF4-1C0E-D2B7-DB6DC0C184F8}" = CCC Help Hungarian
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FA601A-241A-4956-8A21-F7D525C4422F}_is1" = SSD Tweaker version 2.0.1
"{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
"{9303DE78-E872-7F2E-8358-18FABB4E2FA8}" = CCC Help Finnish
"{93293322-B694-4270-B7FE-DDE1A681ACCA}" = linguatec Voice Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C15DDDA-2225-470B-0918-AEEE294AB60E}" = Catalyst Control Center Localization All
"{A46ABD1E-2837-11E6-9E7C-005056951CAD}" = Evernote v. 6.1.2
"{A85CC7BA-760F-4B65-8E2F-640BE314F2F8}" = Advanced PDF Password Recovery
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF70000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 7.0 Professional Edition
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.16) MUI
"{B2E3DD10-2A63-07A7-2E80-1A957AD0903C}" = CCC Help Russian
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B7C61ABD-EA41-BA15-F072-58FA83BB6F72}" = CCC Help Danish
"{BBB21AB1-2C45-435D-A05A-B563072E7B9B}" = Xirrus Wi-Fi Inspector
"{BBB3C5A5-6B8E-9211-59C6-FBA953DD99A3}" = CCC Help Turkish
"{BEC7BC94-791D-2513-6537-DF43B8EF7BB1}" = Catalyst Control Center Graphics Previews Common
"{C436D7F3-3EC5-4975-92F9-978DB4594A06}_is1" = The Room verze 1.0.1
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1" = aTube Catcher verze 3.8
"{D691E998-CF53-4F6C-AC20-E4284660E0E7}" = PDF Architect 2 View Module
"{DA178EC8-DA8B-561D-6275-C1B5E4F68944}" = CCC Help Chinese Standard
"{DADFC67D-64DD-AE87-939D-C3B79C72ED90}" = CCC Help Thai
"{DD220ECF-FAD6-DF11-CF7B-BD5E6F02B063}" = CCC Help Japanese
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode version 3.2.5.5
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E62E3529-3315-9FA1-6268-37CD977BB8ED}" = CCC Help Czech
"{E8A4EDB6-90AD-BF82-514E-3FE3034F4650}" = AMD Catalyst Control Center
"{EB3BEA83-ED6F-00B8-B7AC-A865A933379D}" = CCC Help German
"{EB4C309A-8DCB-4AB6-867A-06D67C96B234}" = Image Retriever 9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FAE04C2B-091A-07BF-1CC2-1F4BD9A2567B}" = CCC Help Swedish
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}" = TuneUp Utilities 2014
"{FEEEC731-91C0-3ACE-8DF8-DEAF126AB09A}" = CCC Help Norwegian
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 4.5" = Adobe Digital Editions 4.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 22 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 22 NPAPI
"Alt-Tab Thingy™_is1" = Alt-Tab Thingy™ v4.0.4
"Avast" = Avast Free Antivirus
"Avidemux 2.6 - 64bits (64-bit)" = Avidemux 2.6 - 64bits
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 9.1
"camcodec" = CamStudio Lossless Codec v1.5
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"EaseUS Todo Backup Free 6.5_is1" = EaseUS Todo Backup Free 6.5
"Emicsoft MKV Converter_is1" = Emicsoft MKV Converter
"ESET Online Scanner" = ESET Online Scanner v3
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate
"Goldstarway Trading" = Goldstarway Trading (remove only)
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"Chrome Privacy Protector" = Chrome Privacy Protector
"IDM Patch 6.25 build 03" = IDM Patch 6.25 build 03
"ImgBurn" = ImgBurn
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{659DCD4A-8A70-4A46-B524-4A4F7A87CB40}" = Xerox WorkCentre 6015B
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Internet Download Manager" = Internet Download Manager
"iSafe" = YAC(Yet Another Cleaner!)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 10.3.0
"MagniDriver" = marvell 91xx driver
"MakeMKV" = MakeMKV v1.8.10
"Maxthon3" = Maxthon Cloud Browser
"MKVToolNix" = MKVToolNix 9.3.1 (64bit)
"Mozilla Firefox 47.0.1 (x86 sk)" = Mozilla Firefox 47.0.1 (x86 sk)
"Opera 12.17.1863" = Opera 12.17
"Osmo4" = Osmo4/GPAC (remove only)
"PDF Architect 2" = PDF Architect 2
"Plus500" = Plus500
"PS3 Media Server" = PS3 Media Server
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"SafeZone 1.48.2066.101" = SafeZone Stable 1.48.2066.101
"SeaMonkey 2.40 (x86 sk)" = SeaMonkey 2.40 (x86 sk)
"SolveigMM AVI Trimmer 2.1.1307.29" = SolveigMM AVI Trimmer
"TrueCrypt" = TrueCrypt
"TuneUp Utilities" = TuneUp Utilities 2014
"UFS Explorer Standard Recovery (version 4)_is1" = UFS Explorer Standard Recovery, version 4.9.2
"Vegas Pro 13.0 (64-bit)" = Vegas Pro 13.0 (64-bit)
"VLC media player" = VLC media player
"WinPcapInst" = WinPcap 4.1.3
"WinRAR archiver" = WinRAR 5.31 (32-bitová verzia)
"yBook_is1" = yBook
"YTD_Pepak" = YTD (pepak)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1391750300-441857230-858820617-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Kodi" = Kodi
"MyFreeCodec" = MyFreeCodec
"Wooky" = Wooky 3.0.0.9
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22. 7. 2016 6:08:55 | Computer Name = Bax2013-PC | Source = ThreadLib | ID = 0
Description =
Error - 22. 7. 2016 6:59:37 | Computer Name = Bax2013-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: plugin-container.exe, verzia: 47.0.1.6018,
časová značka: 0x576c9637 Názov chybového modulu: mozglue.dll, verzia: 47.0.1.6018,
časová značka: 0x576c85ba Kód výnimky: 0x80000003 Odstup chyby: 0x0000f02b Identifikácia
chybného procesu: 0x23cc Čas spustenia chybnej aplikácie: 0x01d1e106552c21c4 Cesta
chybnej aplikácie: F:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Cesta
chybného modulu: F:\Program Files (x86)\Mozilla Firefox\mozglue.dll Identifikácia
hlásenia: 60e34556-4ffb-11e6-aacb-ac220bcde10c
Error - 22. 7. 2016 17:09:35 | Computer Name = Bax2013-PC | Source = WinMgmt | ID = 10
Description =
Error - 24. 7. 2016 2:28:15 | Computer Name = Bax2013-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 24. 7. 2016 2:28:15 | Computer Name = Bax2013-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 24. 7. 2016 16:09:23 | Computer Name = Bax2013-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: plugin-container.exe, verzia: 47.0.1.6018,
časová značka: 0x576c9637 Názov chybového modulu: mozglue.dll, verzia: 47.0.1.6018,
časová značka: 0x576c85ba Kód výnimky: 0x80000003 Odstup chyby: 0x0000f02b Identifikácia
chybného procesu: 0x2734 Čas spustenia chybnej aplikácie: 0x01d1e51dc3be2ccf Cesta
chybnej aplikácie: F:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Cesta
chybného modulu: F:\Program Files (x86)\Mozilla Firefox\mozglue.dll Identifikácia
hlásenia: 82c50d7e-51da-11e6-99f5-ac220bcde10c
Error - 26. 7. 2016 15:00:58 | Computer Name = Bax2013-PC | Source = WinMgmt | ID = 10
Description =
Error - 26. 7. 2016 15:30:51 | Computer Name = Bax2013-PC | Source = MsiInstaller | ID = 11706
Description =
Error - 26. 7. 2016 15:31:02 | Computer Name = Bax2013-PC | Source = MsiInstaller | ID = 11706
Description =
Error - 26. 7. 2016 15:31:14 | Computer Name = Bax2013-PC | Source = MsiInstaller | ID = 11706
Description =
[ Media Center Events ]
Error - 16. 2. 2016 7:00:02 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 12:00:02 - Chyba pripájania na Internet. 12:00:02 - Nebolo možné
spojiť sa so serverom..
Error - 16. 2. 2016 7:00:09 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 12:00:07 - Chyba pripájania na Internet. 12:00:07 - Nebolo možné
spojiť sa so serverom..
Error - 17. 2. 2016 16:28:09 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 21:28:09 - Chyba pripájania na Internet. 21:28:09 - Nebolo možné
spojiť sa so serverom..
Error - 17. 2. 2016 16:28:16 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 21:28:14 - Chyba pripájania na Internet. 21:28:14 - Nebolo možné
spojiť sa so serverom..
Error - 18. 2. 2016 16:36:57 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 21:36:57 - Chyba pripájania na Internet. 21:36:57 - Nebolo možné
spojiť sa so serverom..
Error - 18. 2. 2016 16:37:02 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 21:37:02 - Chyba pripájania na Internet. 21:37:02 - Nebolo možné
spojiť sa so serverom..
Error - 23. 2. 2016 3:29:36 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 8:29:35 - Chyba pripájania na Internet. 8:29:35 - Nebolo možné
spojiť sa so serverom..
Error - 28. 2. 2016 13:27:11 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 18:27:11 - Chyba pripájania na Internet. 18:27:11 - Nebolo možné
spojiť sa so serverom..
Error - 26. 7. 2016 11:01:13 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 17:01:13 - Chyba pripájania na Internet. 17:01:13 - Nebolo možné
spojiť sa so serverom..
Error - 26. 7. 2016 14:58:12 | Computer Name = Bax2013-PC | Source = MCUpdate | ID = 0
Description = 20:58:12 - Chyba pripájania na Internet. 20:58:12 - Nebolo možné
spojiť sa so serverom..
[ System Events ]
Error - 22. 7. 2016 19:12:39 | Computer Name = Bax2013-PC | Source = Service Control Manager | ID = 7034
Description = Služba Serviio sa neočakávane ukončila. Služba sa týmto spôsobom ukončila
už 1-krát.
Error - 26. 7. 2016 15:00:47 | Computer Name = Bax2013-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 20:59:06 on ?26. ?7. ?2016 was unexpected.
Error - 26. 7. 2016 15:00:50 | Computer Name = Bax2013-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby cktSvc zlyhalo kvôli nasledujúcej chybe: %%2
Error - 26. 7. 2016 15:01:13 | Computer Name = Bax2013-PC | Source = DCOM | ID = 10001
Description =
Error - 26. 7. 2016 15:01:14 | Computer Name = Bax2013-PC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: GsRamDsk
Error - 26. 7. 2016 15:08:55 | Computer Name = Bax2013-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort2.
Error - 26. 7. 2016 16:32:44 | Computer Name = Bax2013-PC | Source = Service Control Manager | ID = 7031
Description = Služba Avast Antivirus sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.
Error - 26. 7. 2016 16:40:53 | Computer Name = Bax2013-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort2.
Error - 26. 7. 2016 17:06:17 | Computer Name = Bax2013-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 70.
Error - 28. 7. 2016 3:53:53 | Computer Name = Bax2013-PC | Source = Service Control Manager | ID = 7011
Description = Počas čakania na odpoveď transakcie od služby ShellHWDetection bol
dosiahnutý časový limit (30000 ms).
< End of report >
Re: Prosím o kontrolu CPU 100%
Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze 
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu CPU 100%
# AdwCleaner v5.201 - Log vytvorený 08/08/2016 v 21:43:53
# Aktualizované 30/06/2016 by ToolsLib
# Databáza : 2016-08-08.2 [Server]
# Operačný systém : Windows 7 Ultimate Service Pack 1 (X64)
# Užívateľské meno : Bax2013 - BAX2013-PC
# Spustené z : F:\Users\Bax2013\Downloads\adwcleaner_5.201.exe
# Nastavenie : Čistenie
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
[!] Služba Nie Zmazané : iSafeKrnl
[!] Služba Nie Zmazané : iSafeKrnlBoot
[!] Služba Nie Zmazané : iSafeKrnlKit
[-] Služba Zmazané : iSafeKrnlMon
[!] Služba Nie Zmazané : iSafeKrnlR3
[!] Služba Nie Zmazané : iSafeNetFilter
[!] Služba Nie Zmazané : iSafeService
[-] Služba Zmazané : cktSvc
***** [ Priečinky ] *****
[-] Priečinok Zmazané : C:\ProgramData\tencent
[-] Priečinok Zmazané : C:\ProgramData\Uncheckit
[-] Priečinok Zmazané : C:\ProgramData\Legpat
[#] Priečinok Zmazané : C:\ProgramData\Tencent
[-] Priečinok Zmazané : C:\ProgramData\awinpa
[-] Priečinok Zmazané : C:\ProgramData\bwinpb
[-] Priečinok Zmazané : C:\ProgramData\KwinpK
[-] Priečinok Zmazané : C:\ProgramData\ZwinpZ
[#] Priečinok Zmazané : C:\ProgramData\Application Data\tencent
[#] Priečinok Zmazané : C:\ProgramData\Application Data\Uncheckit
[#] Priečinok Zmazané : C:\ProgramData\Application Data\Legpat
[#] Priečinok Zmazané : C:\ProgramData\Application Data\Tencent
[#] Priečinok Zmazané : C:\ProgramData\Application Data\awinpa
[#] Priečinok Zmazané : C:\ProgramData\Application Data\bwinpb
[#] Priečinok Zmazané : C:\ProgramData\Application Data\KwinpK
[#] Priečinok Zmazané : C:\ProgramData\Application Data\ZwinpZ
[-] Priečinok Zmazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Priečinok Zmazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uncheckit
[#] Priečinok Zmazané : C:\Program Files (x86)\Elex-tech
[-] Priečinok Zmazané : C:\Program Files (x86)\SFK
[-] Priečinok Zmazané : C:\Program Files (x86)\Systweak Support Dock
[-] Priečinok Zmazané : C:\Program Files (x86)\ACGPro
[-] Priečinok Zmazané : C:\Program Files (x86)\GtkFree
[-] Priečinok Zmazané : C:\Program Files (x86)\yesforsearchesbnd
[-] Priečinok Zmazané : C:\Program Files (x86)\TData
[-] Priečinok Zmazané : C:\Program Files (x86)\Winsere
[-] Priečinok Zmazané : C:\Program Files (x86)\WinTaske
[-] Priečinok Zmazané : C:\Program Files (x86)\ppt
[-] Priečinok Zmazané : C:\Program Files (x86)\QQBrowser
[-] Priečinok Zmazané : C:\Program Files (x86)\Legpat
[-] Priečinok Zmazané : C:\Program Files (x86)\TXQQBrowser
[-] Priečinok Zmazané : C:\Program Files (x86)\1E0089A0-1452897906-6400-1956-AC220BCDE10C
[-] Priečinok Zmazané : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Uncheckit
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Local\pokki
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Local\SwvUpdater
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Local\Legpat
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\eCyber
[#] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Elex-tech
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\FLV and Media Player
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\GoldenGate
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\GrabPro
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\mysites123
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\ProgSense
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Systweak
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\tencent
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Booking_helper
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\qksee
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\WinZiper
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Uncheckit
[#] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Tencent
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\extensions\arthurj8283@gmail.com
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\YourGSearchFinder_br
[-] Priečinok Zmazané : C:\Program Files\amdidx
[-] Priečinok Zmazané : C:\Users\Public\Documents\dmp
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
[#] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
***** [ Súbory ] *****
[-] Súbor Zmazané : C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
[#] Súbor Zmazané : C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\searchplugins\mysites123.xml
[-] Súbor Zmazané : C:\Users\Bax2013\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
[-] Súbor Zmazané : C:\Users\Bax2013\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
[-] Súbor Zmazané : C:\Windows\SysNative\log\iSafeKrnlCall.log
[-] Súbor Zmazané : C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[-] Súbor Zmazané : C:\Windows\SysNative\drivers\iSafeNetFilter.sys
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupcovia ] *****
[-] Zástupca Vyliečené : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[-] Zástupca Vyliečené : F:\Users\Bax2013\Desktop\Start Tor Browser.lnk
***** [ Naplánované úlohy ] *****
[-] Úloha Zmazané : ACGPro Update
[-] Úloha Zmazané : WinTaske
[-] Úloha Zmazané : Browser Updater Task(Core)
[-] Úloha Zmazané : UncheckitTaskMN
[-] Úloha Zmazané : UncheckitUpdateTaskC
[-] Úloha Zmazané : UncheckitUpdateTaskDB
***** [ Registre ] *****
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
[-] Kľúč registra Zmazané : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Kľúč registra Zmazané : HKCU\Software\c303e0479e0fa306b370a871e601cc1e
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.001
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.z
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Hodnota Zmazané : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[-] Kľúč registra Zmazané : HKCU\Software\Classes\pokki
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
[-] Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
[-] Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7854F00C-DC77-477E-A10E-603F48442D3B}
[-] Hodnota Zmazané : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
[-] Kľúč registra Zmazané : HKCU\Software\Conduit
[-] Kľúč registra Zmazané : HKCU\Software\GoldenGate
[-] Kľúč registra Zmazané : HKCU\Software\Linkey
[-] Kľúč registra Zmazané : HKCU\Software\Myfree Codec
[-] Kľúč registra Zmazané : HKCU\Software\OB
[-] Kľúč registra Zmazané : HKCU\Software\Pokki
[-] Kľúč registra Zmazané : HKCU\Software\PRODUCTSETUP
[-] Kľúč registra Zmazané : HKCU\Software\ProgSense
[-] Kľúč registra Zmazané : HKCU\Software\Softonic
[-] Kľúč registra Zmazané : HKCU\Software\csastats
[-] Kľúč registra Zmazané : HKCU\Software\Uncheckit
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\downchecker
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Elex-tech
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\hdcode
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Myfree Codec
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\SmdmF
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Surftastic
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\SystemK
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\yessearchesSoftware
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\qkseeSvc
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\qksee
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Uncheckit
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\downchecker
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Kľúč registra Zmazané : HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Kľúč registra Zmazané : HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Dáta Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Dáta Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[#] Dáta Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Dáta Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Dáta Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[#] Dáta Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Dáta Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Dáta Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Dáta Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Dáta Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Kľúč registra Zmazané : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\foxi69.tlscdn.com
[-] Kľúč registra Zmazané : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tlscdn.com
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Pokki
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\pcmgr
[-] Kľúč registra Zmazané : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Kľúč registra Zmazané : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdMan
[-] Kľúč registra Zmazané : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
***** [ Webové prehliadače ] *****
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.ts", "1470036402");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.uid", "st4000dm000-1f2168_z300dq0kxxxxz300dq0k");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... g2z0mce1e7[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.ts", "1470036402");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.uid", "st4000dm000-1f2168_z300dq0kxxxxz300dq0k");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... g2z0mce1e7[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.defaultenginename.US", "data:text/plain,browser.search.defaultenginename.US=yessearches");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.hp", "hxxp://www.yessearches.com/?ts=AHEpAXUtBnUqBE. ... =ffsengext");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.sp", "hxxp://www.yessearches.com/chrome.php?mode=ffs ... v=20160114");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.ts", "1470036402");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.uid", "st4000dm000-1f2168_z300dq0kxxxxz300dq0k");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... g2z0mce1e7[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.BUTTON_STRUCTURE", "[{\"b\":224520315,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224520316,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.browser.version.last", "43.0");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.firstKnownVersion", "7.38.8.45986");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.homepage", "/index.jhtml?n=7829e503");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.hp.enabled", false);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.hp.guardType", "HPR");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.initialized", true);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.installation.installDate", "2016011523");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.installation.success", true);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.lastActivePing", "1452938737157");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.lastKnownVersion", "7.38.8.45986");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.lssState", "{\"previousLocales\":[\"sk\",\"cs\",\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\"[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.options.defaultSearch", false);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.options.homePageEnabled", false);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.options.keywordEnabled", true);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.options.tabEnabled", false);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.productDeliveryOption.language", "en");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.productDeliveryOption.type", "Toolbar");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.searchHistory", "jano");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.shownUninstall", true);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.startupTasks", "{\"clearPrefs\":[\"extensions.toolbar.mindspark._brMembers_.shownUninstall\"],\"undoDisableHPGuard\":[\"true\"]}");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.successUrl", "hxxp://www.yessearches.com/chrome.php?uid=EA15 ... ttoolbar&q[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.toolbarCollapsed", true);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.uninstallTasks", "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._brMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Bax2013\\\\AppData\\[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark.lastInstalled", "yourGSearchfinder@GSearch.com");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("keyword.URL", "hxxp://www.yessearches.com/chrome.php?uid=EA15 ... toolbar&q=");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.ts", "1470036402");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.uid", "st4000dm000-1f2168_z300dq0kxxxxz300dq0k");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... g2z0mce1e7[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Zmazané : hxxp://www.nicesearches.com?type=hp&ts=1467624 ... 7o1z0m5eam
*************************
:: "Tracing" kľúče zmazané
:: Nastavenia Winsock resetované.
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [31595 bajtov] - [08/08/2016 21:43:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [34129 bajtov] - [08/08/2016 21:40:30]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [31745 bajtov] ##########
# Aktualizované 30/06/2016 by ToolsLib
# Databáza : 2016-08-08.2 [Server]
# Operačný systém : Windows 7 Ultimate Service Pack 1 (X64)
# Užívateľské meno : Bax2013 - BAX2013-PC
# Spustené z : F:\Users\Bax2013\Downloads\adwcleaner_5.201.exe
# Nastavenie : Čistenie
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
[!] Služba Nie Zmazané : iSafeKrnl
[!] Služba Nie Zmazané : iSafeKrnlBoot
[!] Služba Nie Zmazané : iSafeKrnlKit
[-] Služba Zmazané : iSafeKrnlMon
[!] Služba Nie Zmazané : iSafeKrnlR3
[!] Služba Nie Zmazané : iSafeNetFilter
[!] Služba Nie Zmazané : iSafeService
[-] Služba Zmazané : cktSvc
***** [ Priečinky ] *****
[-] Priečinok Zmazané : C:\ProgramData\tencent
[-] Priečinok Zmazané : C:\ProgramData\Uncheckit
[-] Priečinok Zmazané : C:\ProgramData\Legpat
[#] Priečinok Zmazané : C:\ProgramData\Tencent
[-] Priečinok Zmazané : C:\ProgramData\awinpa
[-] Priečinok Zmazané : C:\ProgramData\bwinpb
[-] Priečinok Zmazané : C:\ProgramData\KwinpK
[-] Priečinok Zmazané : C:\ProgramData\ZwinpZ
[#] Priečinok Zmazané : C:\ProgramData\Application Data\tencent
[#] Priečinok Zmazané : C:\ProgramData\Application Data\Uncheckit
[#] Priečinok Zmazané : C:\ProgramData\Application Data\Legpat
[#] Priečinok Zmazané : C:\ProgramData\Application Data\Tencent
[#] Priečinok Zmazané : C:\ProgramData\Application Data\awinpa
[#] Priečinok Zmazané : C:\ProgramData\Application Data\bwinpb
[#] Priečinok Zmazané : C:\ProgramData\Application Data\KwinpK
[#] Priečinok Zmazané : C:\ProgramData\Application Data\ZwinpZ
[-] Priečinok Zmazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Priečinok Zmazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uncheckit
[#] Priečinok Zmazané : C:\Program Files (x86)\Elex-tech
[-] Priečinok Zmazané : C:\Program Files (x86)\SFK
[-] Priečinok Zmazané : C:\Program Files (x86)\Systweak Support Dock
[-] Priečinok Zmazané : C:\Program Files (x86)\ACGPro
[-] Priečinok Zmazané : C:\Program Files (x86)\GtkFree
[-] Priečinok Zmazané : C:\Program Files (x86)\yesforsearchesbnd
[-] Priečinok Zmazané : C:\Program Files (x86)\TData
[-] Priečinok Zmazané : C:\Program Files (x86)\Winsere
[-] Priečinok Zmazané : C:\Program Files (x86)\WinTaske
[-] Priečinok Zmazané : C:\Program Files (x86)\ppt
[-] Priečinok Zmazané : C:\Program Files (x86)\QQBrowser
[-] Priečinok Zmazané : C:\Program Files (x86)\Legpat
[-] Priečinok Zmazané : C:\Program Files (x86)\TXQQBrowser
[-] Priečinok Zmazané : C:\Program Files (x86)\1E0089A0-1452897906-6400-1956-AC220BCDE10C
[-] Priečinok Zmazané : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Uncheckit
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Local\pokki
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Local\SwvUpdater
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Local\Legpat
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\eCyber
[#] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Elex-tech
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\FLV and Media Player
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\GoldenGate
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\GrabPro
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\mysites123
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\ProgSense
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Systweak
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\tencent
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Booking_helper
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\qksee
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\WinZiper
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Uncheckit
[#] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Tencent
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\extensions\arthurj8283@gmail.com
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\YourGSearchFinder_br
[-] Priečinok Zmazané : C:\Program Files\amdidx
[-] Priečinok Zmazané : C:\Users\Public\Documents\dmp
[-] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
[#] Priečinok Zmazané : C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
***** [ Súbory ] *****
[-] Súbor Zmazané : C:\Users\Bax2013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
[#] Súbor Zmazané : C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\searchplugins\mysites123.xml
[-] Súbor Zmazané : C:\Users\Bax2013\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
[-] Súbor Zmazané : C:\Users\Bax2013\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
[-] Súbor Zmazané : C:\Windows\SysNative\log\iSafeKrnlCall.log
[-] Súbor Zmazané : C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[-] Súbor Zmazané : C:\Windows\SysNative\drivers\iSafeNetFilter.sys
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupcovia ] *****
[-] Zástupca Vyliečené : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[-] Zástupca Vyliečené : F:\Users\Bax2013\Desktop\Start Tor Browser.lnk
***** [ Naplánované úlohy ] *****
[-] Úloha Zmazané : ACGPro Update
[-] Úloha Zmazané : WinTaske
[-] Úloha Zmazané : Browser Updater Task(Core)
[-] Úloha Zmazané : UncheckitTaskMN
[-] Úloha Zmazané : UncheckitUpdateTaskC
[-] Úloha Zmazané : UncheckitUpdateTaskDB
***** [ Registre ] *****
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
[-] Kľúč registra Zmazané : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Kľúč registra Zmazané : HKCU\Software\c303e0479e0fa306b370a871e601cc1e
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.001
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.z
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Hodnota Zmazané : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[-] Kľúč registra Zmazané : HKCU\Software\Classes\pokki
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
[-] Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
[-] Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7854F00C-DC77-477E-A10E-603F48442D3B}
[-] Hodnota Zmazané : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
[-] Kľúč registra Zmazané : HKCU\Software\Conduit
[-] Kľúč registra Zmazané : HKCU\Software\GoldenGate
[-] Kľúč registra Zmazané : HKCU\Software\Linkey
[-] Kľúč registra Zmazané : HKCU\Software\Myfree Codec
[-] Kľúč registra Zmazané : HKCU\Software\OB
[-] Kľúč registra Zmazané : HKCU\Software\Pokki
[-] Kľúč registra Zmazané : HKCU\Software\PRODUCTSETUP
[-] Kľúč registra Zmazané : HKCU\Software\ProgSense
[-] Kľúč registra Zmazané : HKCU\Software\Softonic
[-] Kľúč registra Zmazané : HKCU\Software\csastats
[-] Kľúč registra Zmazané : HKCU\Software\Uncheckit
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\downchecker
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Elex-tech
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\hdcode
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Myfree Codec
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\SmdmF
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Surftastic
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\SystemK
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\yessearchesSoftware
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\qkseeSvc
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\qksee
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Uncheckit
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\downchecker
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Kľúč registra Zmazané : HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Kľúč registra Zmazané : HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Dáta Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Dáta Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[#] Dáta Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Dáta Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Dáta Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[#] Dáta Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Dáta Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Dáta Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Dáta Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Dáta Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Kľúč registra Zmazané : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\foxi69.tlscdn.com
[-] Kľúč registra Zmazané : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tlscdn.com
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Pokki
[-] Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\pcmgr
[-] Kľúč registra Zmazané : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Kľúč registra Zmazané : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdMan
[-] Kľúč registra Zmazané : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
***** [ Webové prehliadače ] *****
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.ts", "1470036402");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.uid", "st4000dm000-1f2168_z300dq0kxxxxz300dq0k");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... g2z0mce1e7[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\prefs.js] Zmazané : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.ts", "1470036402");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.uid", "st4000dm000-1f2168_z300dq0kxxxxz300dq0k");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... g2z0mce1e7[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\0zymj2qe.default\user.js] Zmazané : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.defaultenginename.US", "data:text/plain,browser.search.defaultenginename.US=yessearches");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.hp", "hxxp://www.yessearches.com/?ts=AHEpAXUtBnUqBE. ... =ffsengext");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.sp", "hxxp://www.yessearches.com/chrome.php?mode=ffs ... v=20160114");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.ts", "1470036402");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.uid", "st4000dm000-1f2168_z300dq0kxxxxz300dq0k");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... g2z0mce1e7[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.BUTTON_STRUCTURE", "[{\"b\":224520315,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224520316,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.browser.version.last", "43.0");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.firstKnownVersion", "7.38.8.45986");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.homepage", "/index.jhtml?n=7829e503");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.hp.enabled", false);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.hp.guardType", "HPR");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.initialized", true);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.installation.installDate", "2016011523");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.installation.success", true);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.lastActivePing", "1452938737157");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.lastKnownVersion", "7.38.8.45986");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.lssState", "{\"previousLocales\":[\"sk\",\"cs\",\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\"[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.options.defaultSearch", false);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.options.homePageEnabled", false);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.options.keywordEnabled", true);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.options.tabEnabled", false);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.productDeliveryOption.language", "en");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.productDeliveryOption.type", "Toolbar");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.searchHistory", "jano");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.shownUninstall", true);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.startupTasks", "{\"clearPrefs\":[\"extensions.toolbar.mindspark._brMembers_.shownUninstall\"],\"undoDisableHPGuard\":[\"true\"]}");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.successUrl", "hxxp://www.yessearches.com/chrome.php?uid=EA15 ... ttoolbar&q[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.toolbarCollapsed", true);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark._brMembers_.uninstallTasks", "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._brMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Bax2013\\\\AppData\\[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("extensions.toolbar.mindspark.lastInstalled", "yourGSearchfinder@GSearch.com");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Zmazané : user_pref("keyword.URL", "hxxp://www.yessearches.com/chrome.php?uid=EA15 ... toolbar&q=");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.ts", "1470036402");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.uid", "st4000dm000-1f2168_z300dq0kxxxxz300dq0k");
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... g2z0mce1e7[...]
[-] [C:\Users\Bax2013\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Zmazané : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1467174 ... 5mfzac9tcm");
[-] [C:\Users\Bax2013\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Zmazané : hxxp://www.nicesearches.com?type=hp&ts=1467624 ... 7o1z0m5eam
*************************
:: "Tracing" kľúče zmazané
:: Nastavenia Winsock resetované.
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [31595 bajtov] - [08/08/2016 21:43:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [34129 bajtov] - [08/08/2016 21:40:30]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [31745 bajtov] ##########
Re: Prosím o kontrolu CPU 100%
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 10. 8. 2016
Čas skenování: 1:33
Protokol:
Správce: Ano
Verze: 0.0.0.0000
Databáze malwaru: v2016.08.09.12
Databáze rootkitů: v2016.08.09.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Bax2013
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 842960
Uplynulý čas: 2 hod, 16 min, 6 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 10. 8. 2016
Čas skenování: 1:33
Protokol:
Správce: Ano
Verze: 0.0.0.0000
Databáze malwaru: v2016.08.09.12
Databáze rootkitů: v2016.08.09.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Bax2013
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 842960
Uplynulý čas: 2 hod, 16 min, 6 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Prosím o kontrolu CPU 100%
Malwarebytes Anti-Malware
www.malwarebytes.org
Detection, 10. 8. 2016 0:12, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [f61a3a0f4159b77f7ae29d865ea3e31d]
Detection, 10. 8. 2016 0:13, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [eb252524ecae6fc7451738eb06fb19e7]
Detection, 10. 8. 2016 0:41, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll, Quarantine Failed, 5, Prístup je odmietnutý. , [69a74aff6832ae8881cb830c32d2e51b]
Detection, 10. 8. 2016 0:42, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [f61a3a0f4159b77f7ae29d865ea3e31d]
Detection, 10. 8. 2016 1:12, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [f61a3a0f4159b77f7ae29d865ea3e31d]
Detection, 10. 8. 2016 1:13, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [eb252524ecae6fc7451738eb06fb19e7]
Update, 10. 8. 2016 1:33, SYSTEM, BAX2013-PC, Scheduler, IP Database, 2016.8.6.1, 2016.8.9.1,
Update, 10. 8. 2016 1:33, SYSTEM, BAX2013-PC, Scheduler, Domain Database, 2016.8.9.4, 2016.8.9.5,
Protection, 10. 8. 2016 1:33, SYSTEM, BAX2013-PC, Protection, Refresh, Starting,
Protection, 10. 8. 2016 1:33, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopping,
Protection, 10. 8. 2016 1:33, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopped,
Protection, 10. 8. 2016 1:34, SYSTEM, BAX2013-PC, Protection, Refresh, Success,
Protection, 10. 8. 2016 1:34, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Starting,
Protection, 10. 8. 2016 1:34, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Started,
Detection, 10. 8. 2016 1:42, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [f0202c1da2f8a3934814899a9c6505fb]
Detection, 10. 8. 2016 2:12, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [f0202c1da2f8a3934814899a9c6505fb]
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57584, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57584, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57585, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57611, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57631, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57632, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57646, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:29, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57658, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:29, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57659, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:29, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57660, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Update, 10. 8. 2016 6:26, SYSTEM, BAX2013-PC, Scheduler, Failed, No Internet connection detected,
Detection, 10. 8. 2016 6:26, Bax2013, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [f0202c1da2f8a3934814899a9c6505fb]
Detection, 10. 8. 2016 6:26, Bax2013, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll, Quarantine Failed, 5, Prístup je odmietnutý. , [5db39dacfc9e2016c08c4f400bf9d927]
Update, 10. 8. 2016 6:26, SYSTEM, BAX2013-PC, Scheduler, Malware Database, 2016.8.9.12, 2016.8.10.1,
Protection, 10. 8. 2016 6:26, SYSTEM, BAX2013-PC, Protection, Refresh, Starting,
Protection, 10. 8. 2016 6:26, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopping,
Protection, 10. 8. 2016 6:26, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopped,
Protection, 10. 8. 2016 6:27, SYSTEM, BAX2013-PC, Protection, Refresh, Success,
Protection, 10. 8. 2016 6:27, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Starting,
Protection, 10. 8. 2016 6:27, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Started,
Scan, 10. 8. 2016 6:27, SYSTEM, BAX2013-PC, Context, Začátek: 10. 8. 2016 6:26, Doba trvání: 0 min 44 sekund, Sken hrozeb, Zrušeno, Detekce malwaru 0, Detekce jiných hrozeb 0,
Detection, 10. 8. 2016 6:46, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58035, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:46, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58035, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:46, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58036, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:46, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58037, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:47, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58214, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:47, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58215, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:47, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58254, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:47, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58255, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:48, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.145, f.asdfzxcv1312.com, 58309, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:48, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.145, f.asdfzxcv1312.com, 58309, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:48, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.145, f.asdfzxcv1312.com, 58310, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Update, 10. 8. 2016 21:52, SYSTEM, BAX2013-PC, Scheduler, Failed, No Internet connection detected,
Detection, 10. 8. 2016 21:52, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [3a2f163321793501e676d74c30d145bb]
Detection, 10. 8. 2016 21:53, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.94, f.asdfzxcv1312.com, 58429, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 21:53, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.94, f.asdfzxcv1312.com, 58429, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 21:53, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.94, f.asdfzxcv1312.com, 58430, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Update, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Scheduler, IP Database, 2016.8.9.1, 2016.8.10.1,
Update, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Scheduler, Domain Database, 2016.8.9.5, 2016.8.10.2,
Update, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Scheduler, Malware Database, 2016.8.10.1, 2016.8.10.10,
Protection, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Protection, Refresh, Starting,
Protection, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopping,
Protection, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopped,
Protection, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Protection, Refresh, Success,
Protection, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Starting,
Protection, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Started,
Detection, 10. 8. 2016 22:08, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.86, f.asdfzxcv1312.com, 59089, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:08, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.86, f.asdfzxcv1312.com, 59089, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:08, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.86, f.asdfzxcv1312.com, 59090, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:08, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.86, f.asdfzxcv1312.com, 59092, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:17, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59285, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:17, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59286, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:17, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59285, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Update, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Scheduler, Malware Database, 2016.8.10.10, 2016.8.10.11,
Protection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Refresh, Starting,
Protection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopping,
Protection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopped,
Protection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Refresh, Success,
Protection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Starting,
Protection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Started,
Detection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59366, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59367, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59366, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59368, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:19, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59442, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:19, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59443, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:19, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59444, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:20, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59530, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:20, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59531, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59615, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59616, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Update, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Scheduler, Malware Database, 2016.8.10.11, 2016.8.10.12,
Protection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Refresh, Starting,
Protection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopping,
Protection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopped,
Protection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Refresh, Success,
Protection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Starting,
Protection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Started,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59721, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59721, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59722, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59725, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59748, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59769, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59770, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [5e16ec5dc7d3999db1ab869df40d16ea]
Detection, 10. 8. 2016 22:23, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll, Quarantine Failed, 5, Prístup je odmietnutý. , [2c48f851f4a6c96d3f090e81a55f3dc3]
Detection, 10. 8. 2016 22:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60038, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60038, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60039, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:29, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60103, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:29, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60104, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:29, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60105, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:52, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [5e16ec5dc7d3999db1ab869df40d16ea]
Detection, 10. 8. 2016 22:54, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll, Quarantine Failed, 5, Prístup je odmietnutý. , [2c48f851f4a6c96d3f090e81a55f3dc3]
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60974, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60975, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61034, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61044, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61045, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61055, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61056, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61067, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61068, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:19, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61126, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:19, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61127, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:22, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [5e16ec5dc7d3999db1ab869df40d16ea]
Detection, 10. 8. 2016 23:26, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61270, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:26, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61270, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:26, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61271, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:26, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61299, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:30, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61367, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:30, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61368, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:30, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61369, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:52, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [5e16ec5dc7d3999db1ab869df40d16ea]
Detection, 10. 8. 2016 23:53, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 61775, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:53, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 61776, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
(end)
www.malwarebytes.org
Detection, 10. 8. 2016 0:12, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [f61a3a0f4159b77f7ae29d865ea3e31d]
Detection, 10. 8. 2016 0:13, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [eb252524ecae6fc7451738eb06fb19e7]
Detection, 10. 8. 2016 0:41, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll, Quarantine Failed, 5, Prístup je odmietnutý. , [69a74aff6832ae8881cb830c32d2e51b]
Detection, 10. 8. 2016 0:42, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [f61a3a0f4159b77f7ae29d865ea3e31d]
Detection, 10. 8. 2016 1:12, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [f61a3a0f4159b77f7ae29d865ea3e31d]
Detection, 10. 8. 2016 1:13, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [eb252524ecae6fc7451738eb06fb19e7]
Update, 10. 8. 2016 1:33, SYSTEM, BAX2013-PC, Scheduler, IP Database, 2016.8.6.1, 2016.8.9.1,
Update, 10. 8. 2016 1:33, SYSTEM, BAX2013-PC, Scheduler, Domain Database, 2016.8.9.4, 2016.8.9.5,
Protection, 10. 8. 2016 1:33, SYSTEM, BAX2013-PC, Protection, Refresh, Starting,
Protection, 10. 8. 2016 1:33, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopping,
Protection, 10. 8. 2016 1:33, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopped,
Protection, 10. 8. 2016 1:34, SYSTEM, BAX2013-PC, Protection, Refresh, Success,
Protection, 10. 8. 2016 1:34, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Starting,
Protection, 10. 8. 2016 1:34, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Started,
Detection, 10. 8. 2016 1:42, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [f0202c1da2f8a3934814899a9c6505fb]
Detection, 10. 8. 2016 2:12, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [f0202c1da2f8a3934814899a9c6505fb]
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57584, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57584, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57585, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57611, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57631, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57632, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57646, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:29, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57658, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:29, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57659, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 2:29, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.143, f.asdfzxcv1312.com, 57660, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Update, 10. 8. 2016 6:26, SYSTEM, BAX2013-PC, Scheduler, Failed, No Internet connection detected,
Detection, 10. 8. 2016 6:26, Bax2013, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [f0202c1da2f8a3934814899a9c6505fb]
Detection, 10. 8. 2016 6:26, Bax2013, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll, Quarantine Failed, 5, Prístup je odmietnutý. , [5db39dacfc9e2016c08c4f400bf9d927]
Update, 10. 8. 2016 6:26, SYSTEM, BAX2013-PC, Scheduler, Malware Database, 2016.8.9.12, 2016.8.10.1,
Protection, 10. 8. 2016 6:26, SYSTEM, BAX2013-PC, Protection, Refresh, Starting,
Protection, 10. 8. 2016 6:26, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopping,
Protection, 10. 8. 2016 6:26, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopped,
Protection, 10. 8. 2016 6:27, SYSTEM, BAX2013-PC, Protection, Refresh, Success,
Protection, 10. 8. 2016 6:27, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Starting,
Protection, 10. 8. 2016 6:27, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Started,
Scan, 10. 8. 2016 6:27, SYSTEM, BAX2013-PC, Context, Začátek: 10. 8. 2016 6:26, Doba trvání: 0 min 44 sekund, Sken hrozeb, Zrušeno, Detekce malwaru 0, Detekce jiných hrozeb 0,
Detection, 10. 8. 2016 6:46, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58035, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:46, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58035, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:46, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58036, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:46, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58037, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:47, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58214, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:47, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58215, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:47, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58254, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:47, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.59.27, f.asdfzxcv1312.com, 58255, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:48, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.145, f.asdfzxcv1312.com, 58309, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:48, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.145, f.asdfzxcv1312.com, 58309, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 6:48, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.145, f.asdfzxcv1312.com, 58310, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Update, 10. 8. 2016 21:52, SYSTEM, BAX2013-PC, Scheduler, Failed, No Internet connection detected,
Detection, 10. 8. 2016 21:52, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [3a2f163321793501e676d74c30d145bb]
Detection, 10. 8. 2016 21:53, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.94, f.asdfzxcv1312.com, 58429, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 21:53, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.94, f.asdfzxcv1312.com, 58429, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 21:53, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.94, f.asdfzxcv1312.com, 58430, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Update, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Scheduler, IP Database, 2016.8.9.1, 2016.8.10.1,
Update, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Scheduler, Domain Database, 2016.8.9.5, 2016.8.10.2,
Update, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Scheduler, Malware Database, 2016.8.10.1, 2016.8.10.10,
Protection, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Protection, Refresh, Starting,
Protection, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopping,
Protection, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopped,
Protection, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Protection, Refresh, Success,
Protection, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Starting,
Protection, 10. 8. 2016 21:56, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Started,
Detection, 10. 8. 2016 22:08, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.86, f.asdfzxcv1312.com, 59089, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:08, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.86, f.asdfzxcv1312.com, 59089, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:08, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.86, f.asdfzxcv1312.com, 59090, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:08, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 198.7.58.86, f.asdfzxcv1312.com, 59092, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:17, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59285, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:17, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59286, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:17, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59285, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Update, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Scheduler, Malware Database, 2016.8.10.10, 2016.8.10.11,
Protection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Refresh, Starting,
Protection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopping,
Protection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopped,
Protection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Refresh, Success,
Protection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Starting,
Protection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Started,
Detection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59366, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59367, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59366, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59368, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:19, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59442, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:19, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59443, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:19, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59444, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:20, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59530, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:20, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59531, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59615, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59616, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Update, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Scheduler, Malware Database, 2016.8.10.11, 2016.8.10.12,
Protection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Refresh, Starting,
Protection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopping,
Protection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Stopped,
Protection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Refresh, Success,
Protection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Starting,
Protection, 10. 8. 2016 22:21, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Started,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59721, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59721, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59722, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59725, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59748, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59769, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 59770, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:22, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [5e16ec5dc7d3999db1ab869df40d16ea]
Detection, 10. 8. 2016 22:23, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll, Quarantine Failed, 5, Prístup je odmietnutý. , [2c48f851f4a6c96d3f090e81a55f3dc3]
Detection, 10. 8. 2016 22:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60038, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60038, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:28, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60039, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:29, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60103, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:29, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60104, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:29, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60105, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 22:52, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [5e16ec5dc7d3999db1ab869df40d16ea]
Detection, 10. 8. 2016 22:54, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll, Quarantine Failed, 5, Prístup je odmietnutý. , [2c48f851f4a6c96d3f090e81a55f3dc3]
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60974, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 60975, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61034, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61044, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61045, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61055, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61056, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61067, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:18, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61068, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:19, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61126, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:19, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.141, f.asdfzxcv1312.com, 61127, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:22, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [5e16ec5dc7d3999db1ab869df40d16ea]
Detection, 10. 8. 2016 23:26, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61270, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:26, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61270, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:26, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61271, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:26, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61299, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:30, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61367, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:30, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61368, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:30, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 108.59.4.164, f.asdfzxcv1312.com, 61369, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:52, SYSTEM, BAX2013-PC, Protection, Ochrana proti malwaru, Soubor, FraudTool.YAC, C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe, Quarantine Failed, 5, Prístup je odmietnutý. , [5e16ec5dc7d3999db1ab869df40d16ea]
Detection, 10. 8. 2016 23:53, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 61775, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
Detection, 10. 8. 2016 23:53, SYSTEM, BAX2013-PC, Protection, Malicious Website Protection, Domain, 207.244.65.144, f.asdfzxcv1312.com, 61776, Outbound, C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe,
(end)
Re: Prosím o kontrolu CPU 100%
s tým adwcleaner_5.201 to nebol dobrý nápad z Firefoxu odstránilo profil a ked vytvorým nový neviem či tam mám všetko
hmmm
hmmm
Re: Prosím o kontrolu CPU 100%
Hmmm, cekal jsem, zda dostanu odpoved na svou otazku, ale asi ne.
ADWCleaner profil nemaze, pokud neni nakazeny (a haveti tam bylo az az). A i kdyby nahodou, dela zalohu, takze neni problem to obnovit.
ADWCleaner profil nemaze, pokud neni nakazeny (a haveti tam bylo az az). A i kdyby nahodou, dela zalohu, takze neni problem to obnovit.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu CPU 100%
Inak vďaka. Firefox som rozchodil o nič som neprišiel. Tieto dva programy mi otvorili oči....
Re: Prosím o kontrolu CPU 100%
Tak aspon neco
Nicmene odpovedi na otazku na legalitu systemu se vyhybate jako cert krizi, coz naznacuje jasnou odpoved a tedy dalsi cisteni neni mozne
Nicmene odpovedi na otazku na legalitu systemu se vyhybate jako cert krizi, coz naznacuje jasnou odpoved a tedy dalsi cisteni neni mozne
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?