Zavirovany notebook

Zpráva

LolaBe · #16 Příspěvek od **LolaBe** » 21 srp 2015 20:10

Zdravím,

tak jsem měla konečně čas notebook trochu otestovat a není ještě v pohodě.
Pořád se zasekává a šnek je rychlejší než můj notebook, při surfování na netu se to
dá s pevnýma nervama přežít ale jak chci po něm něco jinýho, tak je totálně na rozbití.

Nedej bože když otevřu nějaký adobe program, tak to je ještě větší katastrofa.

A vybíjenou mám hodně často chuť s ním hrát.

Ale nee, ty otřesy budou zřejmě kvůli
tomu, že noťas dost často přemísťuju a často s ním lítam, takže tam si zažije opravdu hoodně otřesů.

Ráda bych poprosila, jestli by bylo možný, noťas ještě trochu zrychlit a najít kde je problém?
Moc, moc děkuji

#17 Příspěvek od **Márty84** » 21 srp 2015 20:44

Jestli je problem v tom disku, cisteni nepomuze. Uvidime.

Postupujte podle navodu kolegy

vyosek píše: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulozte nejlepe na plochu

Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu

Probehne vytvoreni zalohy a nasledne prohledavani

Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Postupujte podle navodu kolegy

vyosek píše: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Kód: Vybrat vše
autoclean;
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script

PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

LolaBe · #18 Příspěvek od **LolaBe** » 25 srp 2015 22:50

Zdravim a posilam dva vysledne logy.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.7 (08.18.2015:1)
OS: Windows 8.1 x64
Ran by Zuzana on po 24. 08. 2015 at 0:15:10,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_1DBE9F9CF71F74917805764D0AEB13B5

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted: [File] C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\ckunuyrk.default\extensions\{b64d9b05-48e1-4ceb-bf58-e0643994e900}.xpi
Successfully deleted: [Folder] C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\ckunuyrk.default\smartbar
Successfully deleted the following from C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\ckunuyrk.default\prefs.js

user_pref(CT2269050.1000082.isPlayDisplay, true);
user_pref(CT2269050.1000234.TWC_TMP_city, MECHELEN);
user_pref(CT2269050.1000234.TWC_TMP_country, BE);
user_pref(CT2269050.1000234.TWC_country, BELGIUM);
user_pref(CT2269050.1000234.TWC_locId, BEXX0013);
user_pref(CT2269050.1000234.TWC_location, Mechelen, Belgium);
user_pref(CT2269050.1000234.TWC_region, OT);
user_pref(CT2269050.1000234.TWC_temp_dis, c);
user_pref(CT2269050.1000234.TWC_wind_dis, kmh);
user_pref(CT2269050.FF19Solved, true);
user_pref(CT2269050.FirstTime, true);
user_pref(CT2269050.FirstTimeFF3, true);
user_pref(CT2269050.PG_ENABLE, dHJ1ZQ==);
user_pref(CT2269050.PG_ENABLE.enc, dHJ1ZQ==);
user_pref(CT2269050.SearchAppState.enc, Mg==);
user_pref(CT2269050.UserID, UN41648435683010320);
user_pref(CT2269050.addressBarTakeOverEnabledInHidden, true);
user_pref(CT2269050.autoDisableScopes, -1);
user_pref(CT2269050.browser.search.defaultthis.engineName, true);
user_pref(CT2269050.cbfirsttime.enc, VHVlIE1heSAyMSAyMDEzIDE4OjAyOjE3IEdNVCswMjAwIChSb21hbmNlIERheWxpZ2h0IFRpbWUp);
user_pref(CT2269050.countryCode, BE);
user_pref(CT2269050.enableFix404ByUser, TRUE);
user_pref(CT2269050.firstTimeDialogOpened, true);
user_pref(CT2269050.fixPageNotFoundErrorByUser, TRUE);
user_pref(CT2269050.fixPageNotFoundErrorInHidden, true);
user_pref(CT2269050.fixUrls, true);
user_pref(CT2269050.fullUserID, UN41648435683010320.UP.20130907152426);
user_pref(CT2269050.homepageuserchanged, true);
user_pref(CT2269050.installDate, 26/4/2013 14:04:55);
user_pref(CT2269050.installSessionId, -1);
user_pref(CT2269050.installSp, false);
user_pref(CT2269050.installType, Unknown);
user_pref(CT2269050.installUsage, 2013-05-21T18:59:11.8986836+03:00);
user_pref(CT2269050.installUsageEarly, 2013-05-21T18:59:09.7302697+03:00);
user_pref(CT2269050.installerVersion, 1.4.1.3);
user_pref(CT2269050.isCheckedStartAsHidden, true);
user_pref(CT2269050.isFirstTimeToolbarLoading, false);
user_pref(CT2269050.keyword, true);
user_pref(CT2269050.lastVersion, 10.22.3.518);
user_pref(CT2269050.mam_gk_appStateReportTime, %B7%BA%B6%BC%BF%B9%BD%B8%B8%B9%BB%BD%B8);
user_pref(CT2269050.mam_gk_appStateReportTime.enc, MTQwNjkzNzIyMzU3Mg==);
user_pref(CT2269050.mam_gk_appState_Clarity_Active, %F5%F4);
user_pref(CT2269050.mam_gk_appState_Clarity_Active.enc, b24=);
user_pref(CT2269050.mam_gk_appState_CouponBuddy.enc, b24=);
user_pref(CT2269050.mam_gk_appState_Easytobook.enc, b24=);
user_pref(CT2269050.mam_gk_appState_Easytobook_targeted.enc, b24=);
user_pref(CT2269050.mam_gk_appState_PriceGong.enc, b24=);
user_pref(CT2269050.mam_gk_appsConfig.enc, eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJFYXN5dG9ib29rX3RhcmdldGVkIiwidXJsIjoiaHR0cDovL2NvbmQwMS5ldGJ4bWwuY29tL2NvbmR1aXRfYnVuZGxlL
user_pref(CT2269050.mam_gk_appsDefaultEnabled, %F4%FB%F2%F2);
user_pref(CT2269050.mam_gk_appsDefaultEnabled.enc, bnVsbA==);
user_pref(CT2269050.mam_gk_currentVersion, %B7%B4%B7%B9%B4%B6%B4%B7%BD);
user_pref(CT2269050.mam_gk_currentVersion.enc, MS4xMy4wLjE3);
user_pref(CT2269050.mam_gk_existingUsersRecoveryDone.enc, MQ==);
user_pref(CT2269050.mam_gk_first_time, %B7);
user_pref(CT2269050.mam_gk_first_time.enc, MQ==);
user_pref(CT2269050.mam_gk_globalKeysMigratedToLocalStorage, %B7);
user_pref(CT2269050.mam_gk_globalKeysMigratedToLocalStorage.enc, MQ==);
user_pref(CT2269050.mam_gk_installer_preapproved.enc, dHJ1ZQ==);
user_pref(CT2269050.mam_gk_lastLoginTime, %B7%BA%B6%BC%BF%B9%BD%B8%B8%BA%B6%B8%B7);
user_pref(CT2269050.mam_gk_lastLoginTime.enc, MTQwNjkzNzIyNDAyMQ==);
user_pref(CT2269050.mam_gk_localization.enc, eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJEZWFsXHJcbm9mIHRoZSBkYXkifSwiZG1ib3gyIjp7IlRleHQiOiJGcmVlXHJcblNoaXB
user_pref(CT2269050.mam_gk_pgUnloadedOnce.enc, dHJ1ZQ==);
user_pref(CT2269050.mam_gk_settings1.10.2.5.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjo
user_pref(CT2269050.mam_gk_settings1.10.4.0.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjo
user_pref(CT2269050.mam_gk_settings1.11.4.2, %u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0%u0101%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%
user_pref(CT2269050.mam_gk_settings1.11.4.2.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzExMTkiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjU0XzAiLCJpc1Rlc3Q
user_pref(CT2269050.mam_gk_settings1.12.0.5, %u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0%u0101%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%
user_pref(CT2269050.mam_gk_settings1.12.0.5.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzEyMzAiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjU0XzAiLCJpc1Rlc3Q
user_pref(CT2269050.mam_gk_settings1.13.0.17, %u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0%u0101%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7
user_pref(CT2269050.mam_gk_settings1.13.0.17.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxNDA4MDIiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjU0XzAiLCJSVEsiOi
user_pref(CT2269050.mam_gk_settings1.6.0.1.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMzAzXzEiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVu
user_pref(CT2269050.mam_gk_settings1.8.0.4.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoi
user_pref(CT2269050.mam_gk_settings1.9.0.4.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoi
user_pref(CT2269050.mam_gk_showCloseButton.enc, dHJ1ZQ==);
user_pref(CT2269050.mam_gk_showWelcomeGadget, %EC%E7%F2%F9%EB);
user_pref(CT2269050.mam_gk_showWelcomeGadget.enc, ZmFsc2U=);
user_pref(CT2269050.mam_gk_stamp, %BB%BA%E5%B6);
user_pref(CT2269050.mam_gk_stamp.enc, NTRfMA==);
user_pref(CT2269050.mam_gk_userBornDate, %D4%B5%C7);
user_pref(CT2269050.mam_gk_userBornDate.enc, Ti9B);
user_pref(CT2269050.mam_gk_userId, %BD%EB%EC%BC%EB%BD%E9%BB%B3%B8%BC%BB%BA%B3%BA%B7%B8%B8%B3%E8%B8%EC%BA%B3%E7%BC%B6%B8%B9%E7%EB%B9%B6%BF%E7%BA);
user_pref(CT2269050.mam_gk_userId.enc, N2VmNmU3YzUtMjY1NC00MTIyLWIyZjQtYTYwMjNhZTMwOWE0);
user_pref(CT2269050.mam_gk_user_approval_interacted, %B7);
user_pref(CT2269050.mam_gk_user_approval_interacted.enc, MQ==);
user_pref(CT2269050.mam_gk_welcomeDialogMode, %B7);
user_pref(CT2269050.mam_gk_welcomeDialogMode.enc, MQ==);
user_pref(CT2269050.migrateAppsAndComponents, true);
user_pref(CT2269050.openThankYouPage, FALSE);
user_pref(CT2269050.openUninstallPage, FALSE);
user_pref(CT2269050.price-gong.isManagedApp, true);
user_pref(CT2269050.search.searchAppId, 128834881989343895);
user_pref(CT2269050.search.searchCount, 0);
user_pref(CT2269050.searchFromAddressBarEnabledByUser, true);
user_pref(CT2269050.searchInNewTabEnabledByUser, true);
user_pref(CT2269050.searchInNewTabEnabledInHidden, true);
user_pref(CT2269050.searchRevert, false);
user_pref(CT2269050.searchSuggestEnabledByUser, true);
user_pref(CT2269050.searchUserMode, 2);
user_pref(CT2269050.serviceLayer_services_Configuration_lastUpdate, 1406937219054);
user_pref(CT2269050.serviceLayer_services_appTrackingFirstTime_lastUpdate, 1406937218215);
user_pref(CT2269050.serviceLayer_services_appsMetadata_lastUpdate, 1406937218210);
user_pref(CT2269050.serviceLayer_services_gottenAppsContextMenu_lastUpdate, 1406937215153);
user_pref(CT2269050.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate, 1369151950601);
user_pref(CT2269050.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate, 1369151952758);
user_pref(CT2269050.serviceLayer_services_location_lastUpdate, 1377945692762);
user_pref(CT2269050.serviceLayer_services_login_10.15.310.1_lastUpdate, 1377934917611);
user_pref(CT2269050.serviceLayer_services_login_10.19.2.505_lastUpdate, 1378749180545);
user_pref(CT2269050.serviceLayer_services_login_10.20.0.513_lastUpdate, 1384893614483);
user_pref(CT2269050.serviceLayer_services_login_10.22.3.518_lastUpdate, 1406937212061);
user_pref(CT2269050.serviceLayer_services_otherAppsContextMenu_lastUpdate, 1406937218219);
user_pref(CT2269050.serviceLayer_services_searchAPI_lastUpdate, 1406937218754);
user_pref(CT2269050.serviceLayer_services_serviceMap_lastUpdate, 1406937212164);
user_pref(CT2269050.serviceLayer_services_toolbarContextMenu_lastUpdate, 1406937214996);
user_pref(CT2269050.serviceLayer_services_toolbarSettings_lastUpdate, 1406937215187);
user_pref(CT2269050.serviceLayer_services_translation_lastUpdate, 1406937215137);
user_pref(CT2269050.settingsINI, true);
user_pref(CT2269050.shouldFirstTimeDialog, FALSE);
user_pref(CT2269050.showToolbarPermission, false);
user_pref(CT2269050.toolbarBornServerTime, 21-5-2013);
user_pref(CT2269050.toolbarCurrentServerTime, 2-8-2014);
user_pref(CT2269050.toolbarLoginClientTime, Tue May 21 2013 17:59:12 GMT+0200 (Romance Daylight Time));
user_pref(CT2269050.url_history0001.enc, aHR0cDovL3d3dy5sZW90di5jei9zdGFydG92YWNrYS5waHA/bG9jYWxlcz0yJmlkX3BhZ2U9MjMyNCZpZF9wcmV2aW91c19wYWdlPTIzMTgmbm9jYWNoZT0xMzY5MjQ2MzM
user_pref(CT2269050.versionFromInstaller, 10.15.310.1);
user_pref(browser.search.defaulturl, hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&);
user_pref(extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_bundledUrls.value, %7B%22dealply_s%22%3A%7B%22url
user_pref(keyword.URL, hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&);

~~~ Chrome

[C:\Users\Zuzana\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Zuzana\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Zuzana\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Zuzana\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 24. 08. 2015 at 0:23:24,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Zuzana on po 24. 08. 2015 at 0:36:45,65.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Zuzana\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

24. 8. 2015 0:40:36 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Pando Networks deleted successfully
C:\PROGRA~2\VstPlugins deleted successfully
C:\Program Files\mcafee deleted successfully
C:\PROGRA~3\ArcSoft deleted successfully
C:\PROGRA~3\Avid deleted successfully
C:\PROGRA~3\Canon IJ Network Tool deleted successfully
C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully
C:\PROGRA~3\Movavi deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Sony deleted successfully
C:\Users\Zuzana\AppData\Roaming\com.adobe.AdobeMuseCC.2015.0 deleted successfully
C:\Users\Zuzana\AppData\Roaming\Opera Software deleted successfully
C:\Users\Zuzana\AppData\Roaming\SynthMaker deleted successfully
C:\Users\Guest\AppData\Local\VirtualStore deleted successfully
C:\Users\Zuzana\AppData\Local\Deshaker deleted successfully
C:\Users\Zuzana\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Zuzana\AppData\Local\EmieSiteList deleted successfully
C:\Users\Zuzana\AppData\Local\EmieUserList deleted successfully
C:\Users\Zuzana\AppData\Local\Opera Software deleted successfully
C:\Users\Zuzana\AppData\Local\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1261800056-1722273939-4180883429-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\ckunuyrk.default\prefs.js:
user_pref("browser.search.defaultengine", "Seznam");
user_pref("browser.search.order.1", "Seznam");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\ckunuyrk.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\ckunuyrk.default

user.js not found
---- Lines a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253 removed from prefs.js ----
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.active", true);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.addressbar", "NA");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.addressbarenhanced", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.asyncdb.was_copied", "true");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.asyncinternaldb.was_copied", "true");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.backgroundver", 20);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.certdomaininstaller", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.InstallationTime.value", "%221438185515%22");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:0
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.InstallerParams.value", "%7B%22source_id%22%3A%220
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.load_balancer.expiration", "Thu Jul 30 2015 23:52:
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.load_balancer.value", "%22%7B%20%5C%22Status%5C%22
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.previous_page.expiration", "Fri Feb 01 2030 00:00:
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.previous_page.value", "%22http%3A//forum.viry.cz/v
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.user_id.expiration", "Fri Feb 01 2030 00:00:00 GMT
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.user_id.value", "%2214edfa98b5f2a5fde50660465204e1
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.description", "Lights out for YouTube");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.domain", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.enablesearch", false);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.homepage", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.changeprevious", false);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.iframe", false);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.InstallationThankYouPage", false);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.InstallationTime", 1438185515);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.__defualt_browser__.value", "%22ch%22");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb._installer_additional_info.expiration", "Fri F
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb._installer_additional_info.value", "%7B%22asw%
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.installer.value", "%7B%22InstallerIdentifiers%
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerIdentifiers.value", "%7B%22installer_
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerParams.expiration", "Fri Feb 01 2030
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerParams.value", "%7B%22source_id%22%3A
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerParamsCache.expiration", "Fri Feb 01
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerParamsCache.value", "%7B%22source_id%
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerUserIdentifiersCache.expiration", "Fr
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerUserIdentifiersCache.value", "%7B%22i
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_bundledUrls.expiration", "
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_bundledWithHash.expiration
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_bundledWithHash.value", "n
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_notBundledArr_.expiration"
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_notBundledArr_.value", "%5
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_regBundledWithSoftware.exp
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_regBundledWithSoftware.val
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.reporting_user_key_index.expiration", "Sun Jul
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.reporting_user_key_index.value", "522");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_appVer.value", "79");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_lastVersion.expiration", "Fri Feb 01
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 0
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_nextCheck.expiration", "Thu Jul 30 2
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_queue.expiration", "Fri Feb 01 2030
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.lastDailyReport", "1438271512572");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.lastUpdate", "1438271511696");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.manifesturl", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.name", "Cinem Plus 2.4cV29.07");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.newtab", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.opensearch", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.pluginsurl", "http://js.globalnodemax.com/plugin/apps/742
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.pluginsversion", 56);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.publisher", "Cinema Plus ProV29.07");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.searchstatus", 0);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.setnewtab", false);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.thankyou", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.updateinterval", 360);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.ver", 79);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.apps", "74253");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.bic", "14edfa98b5f2a5fde50660465204e1a4");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.cid", 74253);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.firstrun", false);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.hadappinstalled", true);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.installationdate", 1438271507);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.installerAdditionalInfo", "{\"asw\":[67108866, -2147483643, 409
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.modetype", "production");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.reportInstall", true);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.statsDailyCounter", 1);
---- Lines extensions.51c40de2f22ce removed from prefs.js ----
user_pref("extensions.51c40de2f22ce.epoch", "1373443979");
user_pref("extensions.51c40de2f22ce.url", "http://getjpit.info/sync2/?ext=824&pid= ... d=42258728
---- Lines extensions.51c40e590d474 removed from prefs.js ----
user_pref("extensions.51c40e590d474.epoch", "1373443979");
user_pref("extensions.51c40e590d474.scode", "void(0);");
user_pref("extensions.51c40e590d474.url", "http://getjpi1.info/sync2/?ext=wbn&pid= ... d=42258728
---- Lines extensions.51c413519685a removed from prefs.js ----
user_pref("extensions.51c413519685a.epoch", "1373443979");
user_pref("extensions.51c413519685a.url", "http://getjpiproxy.info/sync2/?ext=824& ... 7&ind=4225
---- Lines extensions.51c4137264dff removed from prefs.js ----
user_pref("extensions.51c4137264dff.epoch", "1373443979");
user_pref("extensions.51c4137264dff.scode", "void(0);");
user_pref("extensions.51c4137264dff.url", "http://getproxy5.info/sync2/?ext=wbn&pi ... ind=422587
---- FireFox user.js and prefs.js backups ----

prefs_201524.08._0106_.backup

==== Batch Command(s) Run By Tool======================

C:\WINDOWS\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Pando Networks not found
C:\PROGRA~2\VstPlugins not found
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\install.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\Users\Zuzana\AppData\Roaming\__AvidCloudManager.log deleted
C:\Users\Zuzana\AppData\Roaming\__AvidCloudManagerPrevious.log deleted
C:\PROGRA~3\Wondershare Video Editor deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Zuzana\AppData\Local\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\avastBCLRestart_chrome.exe deleted
C:\Users\Zuzana\AppData\LocalLow\SearchNewTab deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\WINDOWS\SysWow64\searchplugins deleted
C:\WINDOWS\SysWow64\Extensions deleted
C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\ckunuyrk.default\CT2269050 deleted
C:\Users\Zuzana\AppData\Local\MSGBOX.EXE deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\ckunuyrk.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [03. 08. 2015 21:00]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Chromium Look ======================

Google Chrome Version: 44.0.2403.157

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[23. 04. 2015 16:54]

Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Avast Online Security - Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Startpages ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://sony13.msn.com/",

C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Preferences
\"width_microns\":90000},{\"custom_display_name\":\"Youkei 4 105x235mm\",\"height_microns\":235000,\"name\":\"JPN_YOU4\",\"vendor_id\":\"91\",\"width_microns\":105000},{\"custom_display_name\":\"Youkei 6 98x190mm\",\"height_microns\":190000,\"name\":\"NA_MONARCH\",\"vendor_id\":\"125\",\"width_microns\":98000},{\"custom_display_name\":\"Karta 55x91mm 2.16\\\"x3.58\\\"\",\"height_microns\":91000,\"vendor_id\":\"126\",\"width_microns\":55000},{\"custom_display_name\":\"Wide 101.6x180.6mm 4\\\"x7.1\\\"\",\"height_microns\":180600,\"vendor_id\":\"127\",\"width_microns\":101600},{\"custom_display_name\":\"Letter+ (Měřítko)\",\"height_microns\":337800,\"vendor_id\":\"272\",\"width_microns\":228600},{\"custom_display_name\":\"279.4x431.8mm 11\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"name\":\"NA_LEDGER\",\"vendor_id\":\"3\",\"width_microns\":279400},{\"custom_display_name\":\"342.9x431.8mm 13.5\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"vendor_id\":\"262\",\"width_microns\":342900},{\"custom_display_name\":\"431.8x558.8mm 17\\\"x22\\\" (Měřítko)\",\"height_microns\":558800,\"name\":\"NA_C\",\"vendor_id\":\"24\",\"width_microns\":431800},{\"custom_display_name\":\"A4+ (Měřítko)\",\"height_microns\":355600,\"vendor_id\":\"273\",\"width_microns\":222700},{\"custom_display_name\":\"A3 (Měřítko)\",\"height_microns\":420000,\"name\":\"ISO_A3\",\"vendor_id\":\"8\",\"width_microns\":297000},{\"custom_display_name\":\"A3+ 13\\\"x19\\\" 329x483mm (Měřítko)\",\"height_microns\":483000,\"vendor_id\":\"274\",\"width_microns\":329000},{\"custom_display_name\":\"A2 (Měřítko)\",\"height_microns\":594000,\"name\":\"ISO_A2\",\"vendor_id\":\"66\",\"width_microns\":420000},{\"custom_display_name\":\"B4 (Měřítko)\",\"height_microns\":364000,\"name\":\"JIS_B4\",\"vendor_id\":\"12\",\"width_microns\":257000},{\"custom_display_name\":\"B3 (Měřítko)\",\"height_microns\":515000,\"name\":\"JIS_B3\",\"vendor_id\":\"257\",\"width_microns\":364000},{\"custom_display_name\":\"25x30cm 10\\\"x12\\\" (Měřítko)\",\"height_microns\":304800,\"vendor_id\":\"297\",\"width_microns\":254000},{\"custom_display_name\":\"36x43cm 14\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"vendor_id\":\"296\",\"width_microns\":355600}]},\"page_orientation\":{\"option\":[{\"is_default\":true,\"type\":\"PORTRAIT\"},{\"type\":\"LANDSCAPE\"},{\"type\":\"AUTO\"}]},\"supported_content_type\":[{\"content_type\":\"application/pdf\"}]},\"version\":\"1.0\"},\"mediaSize\":{\"custom_display_name\":\"A4\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000},\"selectedDestinationExtensionId\":\"\"}"}},"profile":{"avatar_bubble_tutorial_shown":1,"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{"[*.]www.hellspy.cz,*":{"setting":1}},"cookies":{},"fullscreen":{"[*.]www.ekospace.cz,*":{"setting":1},"[*.]www1.netflix.com,*":{"setting":1},"http://novaplus.nova.cz:80,http://novaplus.nova.cz:80":{"setting":1},"https://[*.]khanovaskola.cz:443,*":{"setting":1},"https://[*.]www.youtube.com:443,*":{"setting":1}},"geolocation":{"https://www.blogger.com:443,https://www.blogger.com:443":{"setting":2}},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"[*.]tv.blbne.cz,*":{"setting":1},"[*.]www.spusti.net,*":{"setting":1},"[*.]www.zapni.tv,*":{"setting":1},"[*.]yelotv.be,*":{"setting":1}},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]tv.blbne.cz,*":{"plugins":1},"[*.]www.ekospace.cz,*":{"fullscreen":1},"[*.]www.hellspy.cz,*":{"multiple-automatic-downloads":1},"[*.]www.spusti.net,*":{"plugins":1},"[*.]www.zapni.tv,*":{"plugins":1},"[*.]www1.netflix.com,*":{"fullscreen":1},"[*.]yelotv.be,*":{"plugins":1},"http://novaplus.nova.cz:80,http://novaplus.nova.cz:80":{"fullscreen":1},"https://[*.]khanovaskola.cz:443,*":{"fullscreen":1},"https://[*.]www.youtube.com:443,*":{"fullscreen":1},"https://matematikarka.cz:443,https://matematikarka.cz:443":{"ssl-cert-decisions":{"cert_exceptions_map":{"4294967095b1CuyMELU8Yr210exxEqw9Pm/N6A/n1+t/MEfZ5GuSA=":1},"decision_expiration_time":"13066592380539732","guid":"8800600C-C8F2-43C5-A52F-0466A4FC3682","version":1}},"https://www.blogger.com:443,https://www.blogger.com:443":{"geolocation":2}},"pref_version":1},"default_content_settings":{},"exit_type":"Normal","exited_cleanly":true,"gaia_info_picture_url":"https://lh3.googleusercontent.com/-XdUIqdMkCWA/AAAAAAAAAAI/AAAAAAAAAAA/4252rscbv5M/s256-c/photo.jpg","gaia_info_update_time":"13082726768220660","icon_version":3,"managed_user_id":"","managed_users":{},"migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"První uživatel","password_manager_groups_for_domains":[3,6,null,null,null,null,8,null,2],"per_host_zoom_levels":{}},"protection":{"macs":{"extensions":null}},"reverse_autologin":{"enabled":false},"safebrowsing":{"extended_reporting_enabled":false},"savefile":{"default_directory":"C:\\Users\\Zuzana\\Documents\\Plocha\\backgrounds"},"selectfile":{"last_directory":"C:\\Users\\Zuzana\\Desktop"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13034394137712820","urls_to_restore_on_startup":null},"shelf_alignment_local":"Bottom","spellcheck":{"dictionary":"cs","use_spelling_service":false},"sync":{"acknowledged_types":["Bookmarks","Preferences","Passwords","Autofill Profiles","Autofill","Themes","Typed URLs","Extensions","Search Engines","Sessions","Apps","App settings","Extension settings","History Delete Directives","Dictionary","Favicon Images","Favicon Tracking","Device Info","Priority Preferences","Managed User Settings","Managed Users","Managed User Shared Settings","Articles","App List","Tabs","Encryption keys"],"app_list":true,"app_settings":true,"apps":true,"autofill":true,"autofill_profile":true,"autofill_wallet":true,"bookmarks":true,"dictionary":true,"extension_settings":true,"extensions":true,"favicon_images":true,"favicon_tracking":true,"history_delete_directives":true,"keep_everything_synced":true,"managed_user_settings":true,"managed_user_shared_settings":true,"managed_user_whitelists":true,"managed_users":true,"memory_warning_count":79,"passwords":true,"preferences":true,"priority_preferences":true,"search_engines":true,"session_sync_guid":"session_syncxsH6YOQyPvaPrEwIsYokeA==","sessions":true,"shutdown_cleanly":false,"suppress_start":false,"synced_notifications":true,"tabs":true,"themes":true,"typed_urls":true},"sync_promo":{"show_ntp_bubble":false,"startup_count":7,"user_skipped":true,"view_count":7},"synced_notification":{"enabled_sending_services":["Google+"],"first_run":false,"initialized_sending_services":["Google+"]},"translate_accepted_count":{"cs":1,"de":0,"el":0,"en":0,"es":0,"fr":0,"hu":0,"it":0,"lt":0,"no":0,"pl":0,"pt":0,"ro":0,"ru":0,"sk":0,"sv":0,"tr":0,"zh-CN":0},"translate_blocked_languages":["cs","nl"],"translate_denied_count":{"cs":0,"de":6,"el":1,"en":3,"es":13,"fr":51,"hu":31,"it":3,"lt":1,"no":1,"pl":4,"pt":7,"ro":3,"ru":3,"sk":98,"sv":1,"zh-CN":1},"translate_denied_count_for_language":{"en":2,"fr":2,"tr":1},"translate_language_blacklist":["nl"],"translate_last_denied_time":1.415961e+12,"translate_last_denied_time_for_language":{"en":1.438171e+12,"fr":1.438184e+12,"tr":1440103570921.701},"translate_too_often_denied":true,"translate_too_often_denied_for_language":{"en":true,"fr":true},"translate_whitelists":{},"webkit":{"webprefs":{"allow_running_insecure_content":true}},"zerosuggest":{"cachedresults":""}}
\"width_microns\":90000},{\"custom_display_name\":\"Youkei 4 105x235mm\",\"height_microns\":235000,\"name\":\"JPN_YOU4\",\"vendor_id\":\"91\",\"width_microns\":105000},{\"custom_display_name\":\"Youkei 6 98x190mm\",\"height_microns\":190000,\"name\":\"NA_MONARCH\",\"vendor_id\":\"125\",\"width_microns\":98000},{\"custom_display_name\":\"Karta 55x91mm 2.16\\\"x3.58\\\"\",\"height_microns\":91000,\"vendor_id\":\"126\",\"width_microns\":55000},{\"custom_display_name\":\"Wide 101.6x180.6mm 4\\\"x7.1\\\"\",\"height_microns\":180600,\"vendor_id\":\"127\",\"width_microns\":101600},{\"custom_display_name\":\"Letter+ (Měřítko)\",\"height_microns\":337800,\"vendor_id\":\"272\",\"width_microns\":228600},{\"custom_display_name\":\"279.4x431.8mm 11\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"name\":\"NA_LEDGER\",\"vendor_id\":\"3\",\"width_microns\":279400},{\"custom_display_name\":\"342.9x431.8mm 13.5\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"vendor_id\":\"262\",\"width_microns\":342900},{\"custom_display_name\":\"431.8x558.8mm 17\\\"x22\\\" (Měřítko)\",\"height_microns\":558800,\"name\":\"NA_C\",\"vendor_id\":\"24\",\"width_microns\":431800},{\"custom_display_name\":\"A4+ (Měřítko)\",\"height_microns\":355600,\"vendor_id\":\"273\",\"width_microns\":222700},{\"custom_display_name\":\"A3 (Měřítko)\",\"height_microns\":420000,\"name\":\"ISO_A3\",\"vendor_id\":\"8\",\"width_microns\":297000},{\"custom_display_name\":\"A3+ 13\\\"x19\\\" 329x483mm (Měřítko)\",\"height_microns\":483000,\"vendor_id\":\"274\",\"width_microns\":329000},{\"custom_display_name\":\"A2 (Měřítko)\",\"height_microns\":594000,\"name\":\"ISO_A2\",\"vendor_id\":\"66\",\"width_microns\":420000},{\"custom_display_name\":\"B4 (Měřítko)\",\"height_microns\":364000,\"name\":\"JIS_B4\",\"vendor_id\":\"12\",\"width_microns\":257000},{\"custom_display_name\":\"B3 (Měřítko)\",\"height_microns\":515000,\"name\":\"JIS_B3\",\"vendor_id\":\"257\",\"width_microns\":364000},{\"custom_display_name\":\"25x30cm 10\\\"x12\\\" (Měřítko)\",\"height_microns\":304800,\"vendor_id\":\"297\",\"width_microns\":254000},{\"custom_display_name\":\"36x43cm 14\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"vendor_id\":\"296\",\"width_microns\":355600}]},\"page_orientation\":{\"option\":[{\"is_default\":true,\"type\":\"PORTRAIT\"},{\"type\":\"LANDSCAPE\"},{\"type\":\"AUTO\"}]},\"supported_content_type\":[{\"content_type\":\"application/pdf\"}]},\"version\":\"1.0\"},\"mediaSize\":{\"custom_display_name\":\"A4\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000},\"selectedDestinationExtensionId\":\"\"}"}},"profile":{"avatar_bubble_tutorial_shown":1,"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{"[*.]www.hellspy.cz,*":{"setting":1}},"cookies":{},"fullscreen":{"[*.]www.ekospace.cz,*":{"setting":1},"[*.]www1.netflix.com,*":{"setting":1},"http://novaplus.nova.cz:80,http://novaplus.nova.cz:80":{"setting":1},"https://[*.]khanovaskola.cz:443,*":{"setting":1},"https://[*.]www.youtube.com:443,*":{"setting":1}},"geolocation":{"https://www.blogger.com:443,https://www.blogger.com:443":{"setting":2}},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"[*.]tv.blbne.cz,*":{"setting":1},"[*.]www.spusti.net,*":{"setting":1},"[*.]www.zapni.tv,*":{"setting":1},"[*.]yelotv.be,*":{"setting":1}},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]tv.blbne.cz,*":{"plugins":1},"[*.]www.ekospace.cz,*":{"fullscreen":1},"[*.]www.hellspy.cz,*":{"multiple-automatic-downloads":1},"[*.]www.spusti.net,*":{"plugins":1},"[*.]www.zapni.tv,*":{"plugins":1},"[*.]www1.netflix.com,*":{"fullscreen":1},"[*.]yelotv.be,*":{"plugins":1},"http://novaplus.nova.cz:80,http://novaplus.nova.cz:80":{"fullscreen":1},"https://[*.]khanovaskola.cz:443,*":{"fullscreen":1},"https://[*.]www.youtube.com:443,*":{"fullscreen":1},"https://matematikarka.cz:443,https://matematikarka.cz:443":{"ssl-cert-decisions":{"cert_exceptions_map":{"4294967095b1CuyMELU8Yr210exxEqw9Pm/N6A/n1+t/MEfZ5GuSA=":1},"decision_expiration_time":"13066592380539732","guid":"8800600C-C8F2-43C5-A52F-0466A4FC3682","version":1}},"https://www.blogger.com:443,https://www.blogger.com:443":{"geolocation":2}},"pref_version":1},"default_content_settings":{},"exit_type":"Normal","exited_cleanly":true,"gaia_info_picture_url":"https://lh3.googleusercontent.com/-XdUIqdMkCWA/AAAAAAAAAAI/AAAAAAAAAAA/4252rscbv5M/s256-c/photo.jpg","gaia_info_update_time":"13082726768220660","icon_version":3,"managed_user_id":"","managed_users":{},"migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"První uživatel","password_manager_groups_for_domains":[3,6,null,null,null,null,8,null,2],"per_host_zoom_levels":{}},"protection":{"macs":{"extensions":null}},"reverse_autologin":{"enabled":false},"safebrowsing":{"extended_reporting_enabled":false},"savefile":{"default_directory":"C:\\Users\\Zuzana\\Documents\\Plocha\\backgrounds"},"selectfile":{"last_directory":"C:\\Users\\Zuzana\\Desktop"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13034394137712820","urls_to_restore_on_startup":null},"shelf_alignment_local":"Bottom","spellcheck":{"dictionary":"cs","use_spelling_service":false},"sync":{"acknowledged_types":["Bookmarks","Preferences","Passwords","Autofill Profiles","Autofill","Themes","Typed URLs","Extensions","Search Engines","Sessions","Apps","App settings","Extension settings","History Delete Directives","Dictionary","Favicon Images","Favicon Tracking","Device Info","Priority Preferences","Managed User Settings","Managed Users","Managed User Shared Settings","Articles","App List","Tabs","Encryption keys"],"app_list":true,"app_settings":true,"apps":true,"autofill":true,"autofill_profile":true,"autofill_wallet":true,"bookmarks":true,"dictionary":true,"extension_settings":true,"extensions":true,"favicon_images":true,"favicon_tracking":true,"history_delete_directives":true,"keep_everything_synced":true,"managed_user_settings":true,"managed_user_shared_settings":true,"managed_user_whitelists":true,"managed_users":true,"memory_warning_count":79,"passwords":true,"preferences":true,"priority_preferences":true,"search_engines":true,"session_sync_guid":"session_syncxsH6YOQyPvaPrEwIsYokeA==","sessions":true,"shutdown_cleanly":false,"suppress_start":false,"synced_notifications":true,"tabs":true,"themes":true,"typed_urls":true},"sync_promo":{"show_ntp_bubble":false,"startup_count":7,"user_skipped":true,"view_count":7},"synced_notification":{"enabled_sending_services":["Google+"],"first_run":false,"initialized_sending_services":["Google+"]},"translate_accepted_count":{"cs":1,"de":0,"el":0,"en":0,"es":0,"fr":0,"hu":0,"it":0,"lt":0,"no":0,"pl":0,"pt":0,"ro":0,"ru":0,"sk":0,"sv":0,"tr":0,"zh-CN":0},"translate_blocked_languages":["cs","nl"],"translate_denied_count":{"cs":0,"de":6,"el":1,"en":3,"es":13,"fr":51,"hu":31,"it":3,"lt":1,"no":1,"pl":4,"pt":7,"ro":3,"ru":3,"sk":98,"sv":1,"zh-CN":1},"translate_denied_count_for_language":{"en":2,"fr":2,"tr":1},"translate_language_blacklist":["nl"],"translate_last_denied_time":1.415961e+12,"translate_last_denied_time_for_language":{"en":1.438171e+12,"fr":1.438184e+12,"tr":1440103570921.701},"translate_too_often_denied":true,"translate_too_often_denied_for_language":{"en":true,"fr":true},"translate_whitelists":{},"webkit":{"webprefs":{"allow_running_insecure_content":true}},"zerosuggest":{"cachedresults":""}}

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{3B8183ED-28F9-4A17-9245-90E1108641D0} Bing Url="http://www.bing.com/search?q={searchTer ... &pc=MASEJS"
{A5229421-BDDC-4C9D-A484-5454064B3295} eBay Url="http://rover.ebay.com/rover/1/710-42480 ... earchTerms}"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=s ... earchTerms}"

==== Reset Google Chrome ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{80C159B8-8488-5173-BF1E-1AA7F7B17144} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ADDE2424-73A1-A66C-E679-10F192E54915} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B4BABE9F-47A8-AFBB-1B14-2C41355F8467} deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Zuzana\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Zuzana\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Zuzana\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Zuzana\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1323 folders=168 154119639 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\Zuzana\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Zuzana\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 24. 08. 2015 at 20:47:01,19 ======================

LolaBe · #19 Příspěvek od **LolaBe** » 25 srp 2015 22:50

Zdravim a posilam dva vysledne logy.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.7 (08.18.2015:1)
OS: Windows 8.1 x64
Ran by Zuzana on po 24. 08. 2015 at 0:15:10,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_1DBE9F9CF71F74917805764D0AEB13B5

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted: [File] C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\ckunuyrk.default\extensions\{b64d9b05-48e1-4ceb-bf58-e0643994e900}.xpi
Successfully deleted: [Folder] C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\ckunuyrk.default\smartbar
Successfully deleted the following from C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\ckunuyrk.default\prefs.js

user_pref(CT2269050.1000082.isPlayDisplay, true);
user_pref(CT2269050.1000234.TWC_TMP_city, MECHELEN);
user_pref(CT2269050.1000234.TWC_TMP_country, BE);
user_pref(CT2269050.1000234.TWC_country, BELGIUM);
user_pref(CT2269050.1000234.TWC_locId, BEXX0013);
user_pref(CT2269050.1000234.TWC_location, Mechelen, Belgium);
user_pref(CT2269050.1000234.TWC_region, OT);
user_pref(CT2269050.1000234.TWC_temp_dis, c);
user_pref(CT2269050.1000234.TWC_wind_dis, kmh);
user_pref(CT2269050.FF19Solved, true);
user_pref(CT2269050.FirstTime, true);
user_pref(CT2269050.FirstTimeFF3, true);
user_pref(CT2269050.PG_ENABLE, dHJ1ZQ==);
user_pref(CT2269050.PG_ENABLE.enc, dHJ1ZQ==);
user_pref(CT2269050.SearchAppState.enc, Mg==);
user_pref(CT2269050.UserID, UN41648435683010320);
user_pref(CT2269050.addressBarTakeOverEnabledInHidden, true);
user_pref(CT2269050.autoDisableScopes, -1);
user_pref(CT2269050.browser.search.defaultthis.engineName, true);
user_pref(CT2269050.cbfirsttime.enc, VHVlIE1heSAyMSAyMDEzIDE4OjAyOjE3IEdNVCswMjAwIChSb21hbmNlIERheWxpZ2h0IFRpbWUp);
user_pref(CT2269050.countryCode, BE);
user_pref(CT2269050.enableFix404ByUser, TRUE);
user_pref(CT2269050.firstTimeDialogOpened, true);
user_pref(CT2269050.fixPageNotFoundErrorByUser, TRUE);
user_pref(CT2269050.fixPageNotFoundErrorInHidden, true);
user_pref(CT2269050.fixUrls, true);
user_pref(CT2269050.fullUserID, UN41648435683010320.UP.20130907152426);
user_pref(CT2269050.homepageuserchanged, true);
user_pref(CT2269050.installDate, 26/4/2013 14:04:55);
user_pref(CT2269050.installSessionId, -1);
user_pref(CT2269050.installSp, false);
user_pref(CT2269050.installType, Unknown);
user_pref(CT2269050.installUsage, 2013-05-21T18:59:11.8986836+03:00);
user_pref(CT2269050.installUsageEarly, 2013-05-21T18:59:09.7302697+03:00);
user_pref(CT2269050.installerVersion, 1.4.1.3);
user_pref(CT2269050.isCheckedStartAsHidden, true);
user_pref(CT2269050.isFirstTimeToolbarLoading, false);
user_pref(CT2269050.keyword, true);
user_pref(CT2269050.lastVersion, 10.22.3.518);
user_pref(CT2269050.mam_gk_appStateReportTime, %B7%BA%B6%BC%BF%B9%BD%B8%B8%B9%BB%BD%B8);
user_pref(CT2269050.mam_gk_appStateReportTime.enc, MTQwNjkzNzIyMzU3Mg==);
user_pref(CT2269050.mam_gk_appState_Clarity_Active, %F5%F4);
user_pref(CT2269050.mam_gk_appState_Clarity_Active.enc, b24=);
user_pref(CT2269050.mam_gk_appState_CouponBuddy.enc, b24=);
user_pref(CT2269050.mam_gk_appState_Easytobook.enc, b24=);
user_pref(CT2269050.mam_gk_appState_Easytobook_targeted.enc, b24=);
user_pref(CT2269050.mam_gk_appState_PriceGong.enc, b24=);
user_pref(CT2269050.mam_gk_appsConfig.enc, eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJFYXN5dG9ib29rX3RhcmdldGVkIiwidXJsIjoiaHR0cDovL2NvbmQwMS5ldGJ4bWwuY29tL2NvbmR1aXRfYnVuZGxlL
user_pref(CT2269050.mam_gk_appsDefaultEnabled, %F4%FB%F2%F2);
user_pref(CT2269050.mam_gk_appsDefaultEnabled.enc, bnVsbA==);
user_pref(CT2269050.mam_gk_currentVersion, %B7%B4%B7%B9%B4%B6%B4%B7%BD);
user_pref(CT2269050.mam_gk_currentVersion.enc, MS4xMy4wLjE3);
user_pref(CT2269050.mam_gk_existingUsersRecoveryDone.enc, MQ==);
user_pref(CT2269050.mam_gk_first_time, %B7);
user_pref(CT2269050.mam_gk_first_time.enc, MQ==);
user_pref(CT2269050.mam_gk_globalKeysMigratedToLocalStorage, %B7);
user_pref(CT2269050.mam_gk_globalKeysMigratedToLocalStorage.enc, MQ==);
user_pref(CT2269050.mam_gk_installer_preapproved.enc, dHJ1ZQ==);
user_pref(CT2269050.mam_gk_lastLoginTime, %B7%BA%B6%BC%BF%B9%BD%B8%B8%BA%B6%B8%B7);
user_pref(CT2269050.mam_gk_lastLoginTime.enc, MTQwNjkzNzIyNDAyMQ==);
user_pref(CT2269050.mam_gk_localization.enc, eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJEZWFsXHJcbm9mIHRoZSBkYXkifSwiZG1ib3gyIjp7IlRleHQiOiJGcmVlXHJcblNoaXB
user_pref(CT2269050.mam_gk_pgUnloadedOnce.enc, dHJ1ZQ==);
user_pref(CT2269050.mam_gk_settings1.10.2.5.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjo
user_pref(CT2269050.mam_gk_settings1.10.4.0.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjo
user_pref(CT2269050.mam_gk_settings1.11.4.2, %u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0%u0101%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%
user_pref(CT2269050.mam_gk_settings1.11.4.2.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzExMTkiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjU0XzAiLCJpc1Rlc3Q
user_pref(CT2269050.mam_gk_settings1.12.0.5, %u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0%u0101%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%
user_pref(CT2269050.mam_gk_settings1.12.0.5.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzEyMzAiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjU0XzAiLCJpc1Rlc3Q
user_pref(CT2269050.mam_gk_settings1.13.0.17, %u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0%u0101%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7
user_pref(CT2269050.mam_gk_settings1.13.0.17.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxNDA4MDIiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjU0XzAiLCJSVEsiOi
user_pref(CT2269050.mam_gk_settings1.6.0.1.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMzAzXzEiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVu
user_pref(CT2269050.mam_gk_settings1.8.0.4.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoi
user_pref(CT2269050.mam_gk_settings1.9.0.4.enc, eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoi
user_pref(CT2269050.mam_gk_showCloseButton.enc, dHJ1ZQ==);
user_pref(CT2269050.mam_gk_showWelcomeGadget, %EC%E7%F2%F9%EB);
user_pref(CT2269050.mam_gk_showWelcomeGadget.enc, ZmFsc2U=);
user_pref(CT2269050.mam_gk_stamp, %BB%BA%E5%B6);
user_pref(CT2269050.mam_gk_stamp.enc, NTRfMA==);
user_pref(CT2269050.mam_gk_userBornDate, %D4%B5%C7);
user_pref(CT2269050.mam_gk_userBornDate.enc, Ti9B);
user_pref(CT2269050.mam_gk_userId, %BD%EB%EC%BC%EB%BD%E9%BB%B3%B8%BC%BB%BA%B3%BA%B7%B8%B8%B3%E8%B8%EC%BA%B3%E7%BC%B6%B8%B9%E7%EB%B9%B6%BF%E7%BA);
user_pref(CT2269050.mam_gk_userId.enc, N2VmNmU3YzUtMjY1NC00MTIyLWIyZjQtYTYwMjNhZTMwOWE0);
user_pref(CT2269050.mam_gk_user_approval_interacted, %B7);
user_pref(CT2269050.mam_gk_user_approval_interacted.enc, MQ==);
user_pref(CT2269050.mam_gk_welcomeDialogMode, %B7);
user_pref(CT2269050.mam_gk_welcomeDialogMode.enc, MQ==);
user_pref(CT2269050.migrateAppsAndComponents, true);
user_pref(CT2269050.openThankYouPage, FALSE);
user_pref(CT2269050.openUninstallPage, FALSE);
user_pref(CT2269050.price-gong.isManagedApp, true);
user_pref(CT2269050.search.searchAppId, 128834881989343895);
user_pref(CT2269050.search.searchCount, 0);
user_pref(CT2269050.searchFromAddressBarEnabledByUser, true);
user_pref(CT2269050.searchInNewTabEnabledByUser, true);
user_pref(CT2269050.searchInNewTabEnabledInHidden, true);
user_pref(CT2269050.searchRevert, false);
user_pref(CT2269050.searchSuggestEnabledByUser, true);
user_pref(CT2269050.searchUserMode, 2);
user_pref(CT2269050.serviceLayer_services_Configuration_lastUpdate, 1406937219054);
user_pref(CT2269050.serviceLayer_services_appTrackingFirstTime_lastUpdate, 1406937218215);
user_pref(CT2269050.serviceLayer_services_appsMetadata_lastUpdate, 1406937218210);
user_pref(CT2269050.serviceLayer_services_gottenAppsContextMenu_lastUpdate, 1406937215153);
user_pref(CT2269050.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate, 1369151950601);
user_pref(CT2269050.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate, 1369151952758);
user_pref(CT2269050.serviceLayer_services_location_lastUpdate, 1377945692762);
user_pref(CT2269050.serviceLayer_services_login_10.15.310.1_lastUpdate, 1377934917611);
user_pref(CT2269050.serviceLayer_services_login_10.19.2.505_lastUpdate, 1378749180545);
user_pref(CT2269050.serviceLayer_services_login_10.20.0.513_lastUpdate, 1384893614483);
user_pref(CT2269050.serviceLayer_services_login_10.22.3.518_lastUpdate, 1406937212061);
user_pref(CT2269050.serviceLayer_services_otherAppsContextMenu_lastUpdate, 1406937218219);
user_pref(CT2269050.serviceLayer_services_searchAPI_lastUpdate, 1406937218754);
user_pref(CT2269050.serviceLayer_services_serviceMap_lastUpdate, 1406937212164);
user_pref(CT2269050.serviceLayer_services_toolbarContextMenu_lastUpdate, 1406937214996);
user_pref(CT2269050.serviceLayer_services_toolbarSettings_lastUpdate, 1406937215187);
user_pref(CT2269050.serviceLayer_services_translation_lastUpdate, 1406937215137);
user_pref(CT2269050.settingsINI, true);
user_pref(CT2269050.shouldFirstTimeDialog, FALSE);
user_pref(CT2269050.showToolbarPermission, false);
user_pref(CT2269050.toolbarBornServerTime, 21-5-2013);
user_pref(CT2269050.toolbarCurrentServerTime, 2-8-2014);
user_pref(CT2269050.toolbarLoginClientTime, Tue May 21 2013 17:59:12 GMT+0200 (Romance Daylight Time));
user_pref(CT2269050.url_history0001.enc, aHR0cDovL3d3dy5sZW90di5jei9zdGFydG92YWNrYS5waHA/bG9jYWxlcz0yJmlkX3BhZ2U9MjMyNCZpZF9wcmV2aW91c19wYWdlPTIzMTgmbm9jYWNoZT0xMzY5MjQ2MzM
user_pref(CT2269050.versionFromInstaller, 10.15.310.1);
user_pref(browser.search.defaulturl, hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&);
user_pref(extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_bundledUrls.value, %7B%22dealply_s%22%3A%7B%22url
user_pref(keyword.URL, hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&);

~~~ Chrome

[C:\Users\Zuzana\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Zuzana\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Zuzana\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Zuzana\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 24. 08. 2015 at 0:23:24,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Zuzana on po 24. 08. 2015 at 0:36:45,65.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Zuzana\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

24. 8. 2015 0:40:36 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Pando Networks deleted successfully
C:\PROGRA~2\VstPlugins deleted successfully
C:\Program Files\mcafee deleted successfully
C:\PROGRA~3\ArcSoft deleted successfully
C:\PROGRA~3\Avid deleted successfully
C:\PROGRA~3\Canon IJ Network Tool deleted successfully
C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully
C:\PROGRA~3\Movavi deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Sony deleted successfully
C:\Users\Zuzana\AppData\Roaming\com.adobe.AdobeMuseCC.2015.0 deleted successfully
C:\Users\Zuzana\AppData\Roaming\Opera Software deleted successfully
C:\Users\Zuzana\AppData\Roaming\SynthMaker deleted successfully
C:\Users\Guest\AppData\Local\VirtualStore deleted successfully
C:\Users\Zuzana\AppData\Local\Deshaker deleted successfully
C:\Users\Zuzana\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Zuzana\AppData\Local\EmieSiteList deleted successfully
C:\Users\Zuzana\AppData\Local\EmieUserList deleted successfully
C:\Users\Zuzana\AppData\Local\Opera Software deleted successfully
C:\Users\Zuzana\AppData\Local\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1261800056-1722273939-4180883429-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\ckunuyrk.default\prefs.js:
user_pref("browser.search.defaultengine", "Seznam");
user_pref("browser.search.order.1", "Seznam");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\ckunuyrk.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\ckunuyrk.default

user.js not found
---- Lines a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253 removed from prefs.js ----
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.active", true);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.addressbar", "NA");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.addressbarenhanced", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.asyncdb.was_copied", "true");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.asyncinternaldb.was_copied", "true");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.backgroundver", 20);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.certdomaininstaller", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.InstallationTime.value", "%221438185515%22");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:0
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.InstallerParams.value", "%7B%22source_id%22%3A%220
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.load_balancer.expiration", "Thu Jul 30 2015 23:52:
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.load_balancer.value", "%22%7B%20%5C%22Status%5C%22
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.previous_page.expiration", "Fri Feb 01 2030 00:00:
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.previous_page.value", "%22http%3A//forum.viry.cz/v
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.user_id.expiration", "Fri Feb 01 2030 00:00:00 GMT
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.cookie.user_id.value", "%2214edfa98b5f2a5fde50660465204e1
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.description", "Lights out for YouTube");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.domain", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.enablesearch", false);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.homepage", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.changeprevious", false);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.iframe", false);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.InstallationThankYouPage", false);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.InstallationTime", 1438185515);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.__defualt_browser__.value", "%22ch%22");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb._installer_additional_info.expiration", "Fri F
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb._installer_additional_info.value", "%7B%22asw%
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.installer.value", "%7B%22InstallerIdentifiers%
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerIdentifiers.value", "%7B%22installer_
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerParams.expiration", "Fri Feb 01 2030
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerParams.value", "%7B%22source_id%22%3A
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerParamsCache.expiration", "Fri Feb 01
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerParamsCache.value", "%7B%22source_id%
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerUserIdentifiersCache.expiration", "Fr
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.InstallerUserIdentifiersCache.value", "%7B%22i
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_bundledUrls.expiration", "
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_bundledWithHash.expiration
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_bundledWithHash.value", "n
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_notBundledArr_.expiration"
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_notBundledArr_.value", "%5
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_regBundledWithSoftware.exp
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_regBundledWithSoftware.val
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.reporting_user_key_index.expiration", "Sun Jul
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.reporting_user_key_index.value", "522");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_appVer.value", "79");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_lastVersion.expiration", "Fri Feb 01
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 0
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_nextCheck.expiration", "Thu Jul 30 2
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_queue.expiration", "Fri Feb 01 2030
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.lastDailyReport", "1438271512572");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.lastUpdate", "1438271511696");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.manifesturl", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.name", "Cinem Plus 2.4cV29.07");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.newtab", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.opensearch", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.pluginsurl", "http://js.globalnodemax.com/plugin/apps/742
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.pluginsversion", 56);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.publisher", "Cinema Plus ProV29.07");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.searchstatus", 0);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.setnewtab", false);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.thankyou", "");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.updateinterval", 360);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.ver", 79);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.apps", "74253");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.bic", "14edfa98b5f2a5fde50660465204e1a4");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.cid", 74253);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.firstrun", false);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.hadappinstalled", true);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.installationdate", 1438271507);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.installerAdditionalInfo", "{\"asw\":[67108866, -2147483643, 409
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.modetype", "production");
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.reportInstall", true);
user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.statsDailyCounter", 1);
---- Lines extensions.51c40de2f22ce removed from prefs.js ----
user_pref("extensions.51c40de2f22ce.epoch", "1373443979");
user_pref("extensions.51c40de2f22ce.url", "http://getjpit.info/sync2/?ext=824&pid= ... d=42258728
---- Lines extensions.51c40e590d474 removed from prefs.js ----
user_pref("extensions.51c40e590d474.epoch", "1373443979");
user_pref("extensions.51c40e590d474.scode", "void(0);");
user_pref("extensions.51c40e590d474.url", "http://getjpi1.info/sync2/?ext=wbn&pid= ... d=42258728
---- Lines extensions.51c413519685a removed from prefs.js ----
user_pref("extensions.51c413519685a.epoch", "1373443979");
user_pref("extensions.51c413519685a.url", "http://getjpiproxy.info/sync2/?ext=824& ... 7&ind=4225
---- Lines extensions.51c4137264dff removed from prefs.js ----
user_pref("extensions.51c4137264dff.epoch", "1373443979");
user_pref("extensions.51c4137264dff.scode", "void(0);");
user_pref("extensions.51c4137264dff.url", "http://getproxy5.info/sync2/?ext=wbn&pi ... ind=422587
---- FireFox user.js and prefs.js backups ----

prefs_201524.08._0106_.backup

==== Batch Command(s) Run By Tool======================

C:\WINDOWS\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Pando Networks not found
C:\PROGRA~2\VstPlugins not found
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\install.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\Users\Zuzana\AppData\Roaming\__AvidCloudManager.log deleted
C:\Users\Zuzana\AppData\Roaming\__AvidCloudManagerPrevious.log deleted
C:\PROGRA~3\Wondershare Video Editor deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Zuzana\AppData\Local\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\avastBCLRestart_chrome.exe deleted
C:\Users\Zuzana\AppData\LocalLow\SearchNewTab deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\WINDOWS\SysWow64\searchplugins deleted
C:\WINDOWS\SysWow64\Extensions deleted
C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\ckunuyrk.default\CT2269050 deleted
C:\Users\Zuzana\AppData\Local\MSGBOX.EXE deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\ckunuyrk.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [03. 08. 2015 21:00]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Chromium Look ======================

Google Chrome Version: 44.0.2403.157

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[23. 04. 2015 16:54]

Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Avast Online Security - Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Startpages ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://sony13.msn.com/",

C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Preferences
\"width_microns\":90000},{\"custom_display_name\":\"Youkei 4 105x235mm\",\"height_microns\":235000,\"name\":\"JPN_YOU4\",\"vendor_id\":\"91\",\"width_microns\":105000},{\"custom_display_name\":\"Youkei 6 98x190mm\",\"height_microns\":190000,\"name\":\"NA_MONARCH\",\"vendor_id\":\"125\",\"width_microns\":98000},{\"custom_display_name\":\"Karta 55x91mm 2.16\\\"x3.58\\\"\",\"height_microns\":91000,\"vendor_id\":\"126\",\"width_microns\":55000},{\"custom_display_name\":\"Wide 101.6x180.6mm 4\\\"x7.1\\\"\",\"height_microns\":180600,\"vendor_id\":\"127\",\"width_microns\":101600},{\"custom_display_name\":\"Letter+ (Měřítko)\",\"height_microns\":337800,\"vendor_id\":\"272\",\"width_microns\":228600},{\"custom_display_name\":\"279.4x431.8mm 11\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"name\":\"NA_LEDGER\",\"vendor_id\":\"3\",\"width_microns\":279400},{\"custom_display_name\":\"342.9x431.8mm 13.5\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"vendor_id\":\"262\",\"width_microns\":342900},{\"custom_display_name\":\"431.8x558.8mm 17\\\"x22\\\" (Měřítko)\",\"height_microns\":558800,\"name\":\"NA_C\",\"vendor_id\":\"24\",\"width_microns\":431800},{\"custom_display_name\":\"A4+ (Měřítko)\",\"height_microns\":355600,\"vendor_id\":\"273\",\"width_microns\":222700},{\"custom_display_name\":\"A3 (Měřítko)\",\"height_microns\":420000,\"name\":\"ISO_A3\",\"vendor_id\":\"8\",\"width_microns\":297000},{\"custom_display_name\":\"A3+ 13\\\"x19\\\" 329x483mm (Měřítko)\",\"height_microns\":483000,\"vendor_id\":\"274\",\"width_microns\":329000},{\"custom_display_name\":\"A2 (Měřítko)\",\"height_microns\":594000,\"name\":\"ISO_A2\",\"vendor_id\":\"66\",\"width_microns\":420000},{\"custom_display_name\":\"B4 (Měřítko)\",\"height_microns\":364000,\"name\":\"JIS_B4\",\"vendor_id\":\"12\",\"width_microns\":257000},{\"custom_display_name\":\"B3 (Měřítko)\",\"height_microns\":515000,\"name\":\"JIS_B3\",\"vendor_id\":\"257\",\"width_microns\":364000},{\"custom_display_name\":\"25x30cm 10\\\"x12\\\" (Měřítko)\",\"height_microns\":304800,\"vendor_id\":\"297\",\"width_microns\":254000},{\"custom_display_name\":\"36x43cm 14\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"vendor_id\":\"296\",\"width_microns\":355600}]},\"page_orientation\":{\"option\":[{\"is_default\":true,\"type\":\"PORTRAIT\"},{\"type\":\"LANDSCAPE\"},{\"type\":\"AUTO\"}]},\"supported_content_type\":[{\"content_type\":\"application/pdf\"}]},\"version\":\"1.0\"},\"mediaSize\":{\"custom_display_name\":\"A4\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000},\"selectedDestinationExtensionId\":\"\"}"}},"profile":{"avatar_bubble_tutorial_shown":1,"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{"[*.]www.hellspy.cz,*":{"setting":1}},"cookies":{},"fullscreen":{"[*.]www.ekospace.cz,*":{"setting":1},"[*.]www1.netflix.com,*":{"setting":1},"http://novaplus.nova.cz:80,http://novaplus.nova.cz:80":{"setting":1},"https://[*.]khanovaskola.cz:443,*":{"setting":1},"https://[*.]www.youtube.com:443,*":{"setting":1}},"geolocation":{"https://www.blogger.com:443,https://www.blogger.com:443":{"setting":2}},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"[*.]tv.blbne.cz,*":{"setting":1},"[*.]www.spusti.net,*":{"setting":1},"[*.]www.zapni.tv,*":{"setting":1},"[*.]yelotv.be,*":{"setting":1}},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]tv.blbne.cz,*":{"plugins":1},"[*.]www.ekospace.cz,*":{"fullscreen":1},"[*.]www.hellspy.cz,*":{"multiple-automatic-downloads":1},"[*.]www.spusti.net,*":{"plugins":1},"[*.]www.zapni.tv,*":{"plugins":1},"[*.]www1.netflix.com,*":{"fullscreen":1},"[*.]yelotv.be,*":{"plugins":1},"http://novaplus.nova.cz:80,http://novaplus.nova.cz:80":{"fullscreen":1},"https://[*.]khanovaskola.cz:443,*":{"fullscreen":1},"https://[*.]www.youtube.com:443,*":{"fullscreen":1},"https://matematikarka.cz:443,https://matematikarka.cz:443":{"ssl-cert-decisions":{"cert_exceptions_map":{"4294967095b1CuyMELU8Yr210exxEqw9Pm/N6A/n1+t/MEfZ5GuSA=":1},"decision_expiration_time":"13066592380539732","guid":"8800600C-C8F2-43C5-A52F-0466A4FC3682","version":1}},"https://www.blogger.com:443,https://www.blogger.com:443":{"geolocation":2}},"pref_version":1},"default_content_settings":{},"exit_type":"Normal","exited_cleanly":true,"gaia_info_picture_url":"https://lh3.googleusercontent.com/-XdUIqdMkCWA/AAAAAAAAAAI/AAAAAAAAAAA/4252rscbv5M/s256-c/photo.jpg","gaia_info_update_time":"13082726768220660","icon_version":3,"managed_user_id":"","managed_users":{},"migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"První uživatel","password_manager_groups_for_domains":[3,6,null,null,null,null,8,null,2],"per_host_zoom_levels":{}},"protection":{"macs":{"extensions":null}},"reverse_autologin":{"enabled":false},"safebrowsing":{"extended_reporting_enabled":false},"savefile":{"default_directory":"C:\\Users\\Zuzana\\Documents\\Plocha\\backgrounds"},"selectfile":{"last_directory":"C:\\Users\\Zuzana\\Desktop"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13034394137712820","urls_to_restore_on_startup":null},"shelf_alignment_local":"Bottom","spellcheck":{"dictionary":"cs","use_spelling_service":false},"sync":{"acknowledged_types":["Bookmarks","Preferences","Passwords","Autofill Profiles","Autofill","Themes","Typed URLs","Extensions","Search Engines","Sessions","Apps","App settings","Extension settings","History Delete Directives","Dictionary","Favicon Images","Favicon Tracking","Device Info","Priority Preferences","Managed User Settings","Managed Users","Managed User Shared Settings","Articles","App List","Tabs","Encryption keys"],"app_list":true,"app_settings":true,"apps":true,"autofill":true,"autofill_profile":true,"autofill_wallet":true,"bookmarks":true,"dictionary":true,"extension_settings":true,"extensions":true,"favicon_images":true,"favicon_tracking":true,"history_delete_directives":true,"keep_everything_synced":true,"managed_user_settings":true,"managed_user_shared_settings":true,"managed_user_whitelists":true,"managed_users":true,"memory_warning_count":79,"passwords":true,"preferences":true,"priority_preferences":true,"search_engines":true,"session_sync_guid":"session_syncxsH6YOQyPvaPrEwIsYokeA==","sessions":true,"shutdown_cleanly":false,"suppress_start":false,"synced_notifications":true,"tabs":true,"themes":true,"typed_urls":true},"sync_promo":{"show_ntp_bubble":false,"startup_count":7,"user_skipped":true,"view_count":7},"synced_notification":{"enabled_sending_services":["Google+"],"first_run":false,"initialized_sending_services":["Google+"]},"translate_accepted_count":{"cs":1,"de":0,"el":0,"en":0,"es":0,"fr":0,"hu":0,"it":0,"lt":0,"no":0,"pl":0,"pt":0,"ro":0,"ru":0,"sk":0,"sv":0,"tr":0,"zh-CN":0},"translate_blocked_languages":["cs","nl"],"translate_denied_count":{"cs":0,"de":6,"el":1,"en":3,"es":13,"fr":51,"hu":31,"it":3,"lt":1,"no":1,"pl":4,"pt":7,"ro":3,"ru":3,"sk":98,"sv":1,"zh-CN":1},"translate_denied_count_for_language":{"en":2,"fr":2,"tr":1},"translate_language_blacklist":["nl"],"translate_last_denied_time":1.415961e+12,"translate_last_denied_time_for_language":{"en":1.438171e+12,"fr":1.438184e+12,"tr":1440103570921.701},"translate_too_often_denied":true,"translate_too_often_denied_for_language":{"en":true,"fr":true},"translate_whitelists":{},"webkit":{"webprefs":{"allow_running_insecure_content":true}},"zerosuggest":{"cachedresults":""}}
\"width_microns\":90000},{\"custom_display_name\":\"Youkei 4 105x235mm\",\"height_microns\":235000,\"name\":\"JPN_YOU4\",\"vendor_id\":\"91\",\"width_microns\":105000},{\"custom_display_name\":\"Youkei 6 98x190mm\",\"height_microns\":190000,\"name\":\"NA_MONARCH\",\"vendor_id\":\"125\",\"width_microns\":98000},{\"custom_display_name\":\"Karta 55x91mm 2.16\\\"x3.58\\\"\",\"height_microns\":91000,\"vendor_id\":\"126\",\"width_microns\":55000},{\"custom_display_name\":\"Wide 101.6x180.6mm 4\\\"x7.1\\\"\",\"height_microns\":180600,\"vendor_id\":\"127\",\"width_microns\":101600},{\"custom_display_name\":\"Letter+ (Měřítko)\",\"height_microns\":337800,\"vendor_id\":\"272\",\"width_microns\":228600},{\"custom_display_name\":\"279.4x431.8mm 11\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"name\":\"NA_LEDGER\",\"vendor_id\":\"3\",\"width_microns\":279400},{\"custom_display_name\":\"342.9x431.8mm 13.5\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"vendor_id\":\"262\",\"width_microns\":342900},{\"custom_display_name\":\"431.8x558.8mm 17\\\"x22\\\" (Měřítko)\",\"height_microns\":558800,\"name\":\"NA_C\",\"vendor_id\":\"24\",\"width_microns\":431800},{\"custom_display_name\":\"A4+ (Měřítko)\",\"height_microns\":355600,\"vendor_id\":\"273\",\"width_microns\":222700},{\"custom_display_name\":\"A3 (Měřítko)\",\"height_microns\":420000,\"name\":\"ISO_A3\",\"vendor_id\":\"8\",\"width_microns\":297000},{\"custom_display_name\":\"A3+ 13\\\"x19\\\" 329x483mm (Měřítko)\",\"height_microns\":483000,\"vendor_id\":\"274\",\"width_microns\":329000},{\"custom_display_name\":\"A2 (Měřítko)\",\"height_microns\":594000,\"name\":\"ISO_A2\",\"vendor_id\":\"66\",\"width_microns\":420000},{\"custom_display_name\":\"B4 (Měřítko)\",\"height_microns\":364000,\"name\":\"JIS_B4\",\"vendor_id\":\"12\",\"width_microns\":257000},{\"custom_display_name\":\"B3 (Měřítko)\",\"height_microns\":515000,\"name\":\"JIS_B3\",\"vendor_id\":\"257\",\"width_microns\":364000},{\"custom_display_name\":\"25x30cm 10\\\"x12\\\" (Měřítko)\",\"height_microns\":304800,\"vendor_id\":\"297\",\"width_microns\":254000},{\"custom_display_name\":\"36x43cm 14\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"vendor_id\":\"296\",\"width_microns\":355600}]},\"page_orientation\":{\"option\":[{\"is_default\":true,\"type\":\"PORTRAIT\"},{\"type\":\"LANDSCAPE\"},{\"type\":\"AUTO\"}]},\"supported_content_type\":[{\"content_type\":\"application/pdf\"}]},\"version\":\"1.0\"},\"mediaSize\":{\"custom_display_name\":\"A4\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000},\"selectedDestinationExtensionId\":\"\"}"}},"profile":{"avatar_bubble_tutorial_shown":1,"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{"[*.]www.hellspy.cz,*":{"setting":1}},"cookies":{},"fullscreen":{"[*.]www.ekospace.cz,*":{"setting":1},"[*.]www1.netflix.com,*":{"setting":1},"http://novaplus.nova.cz:80,http://novaplus.nova.cz:80":{"setting":1},"https://[*.]khanovaskola.cz:443,*":{"setting":1},"https://[*.]www.youtube.com:443,*":{"setting":1}},"geolocation":{"https://www.blogger.com:443,https://www.blogger.com:443":{"setting":2}},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"[*.]tv.blbne.cz,*":{"setting":1},"[*.]www.spusti.net,*":{"setting":1},"[*.]www.zapni.tv,*":{"setting":1},"[*.]yelotv.be,*":{"setting":1}},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]tv.blbne.cz,*":{"plugins":1},"[*.]www.ekospace.cz,*":{"fullscreen":1},"[*.]www.hellspy.cz,*":{"multiple-automatic-downloads":1},"[*.]www.spusti.net,*":{"plugins":1},"[*.]www.zapni.tv,*":{"plugins":1},"[*.]www1.netflix.com,*":{"fullscreen":1},"[*.]yelotv.be,*":{"plugins":1},"http://novaplus.nova.cz:80,http://novaplus.nova.cz:80":{"fullscreen":1},"https://[*.]khanovaskola.cz:443,*":{"fullscreen":1},"https://[*.]www.youtube.com:443,*":{"fullscreen":1},"https://matematikarka.cz:443,https://matematikarka.cz:443":{"ssl-cert-decisions":{"cert_exceptions_map":{"4294967095b1CuyMELU8Yr210exxEqw9Pm/N6A/n1+t/MEfZ5GuSA=":1},"decision_expiration_time":"13066592380539732","guid":"8800600C-C8F2-43C5-A52F-0466A4FC3682","version":1}},"https://www.blogger.com:443,https://www.blogger.com:443":{"geolocation":2}},"pref_version":1},"default_content_settings":{},"exit_type":"Normal","exited_cleanly":true,"gaia_info_picture_url":"https://lh3.googleusercontent.com/-XdUIqdMkCWA/AAAAAAAAAAI/AAAAAAAAAAA/4252rscbv5M/s256-c/photo.jpg","gaia_info_update_time":"13082726768220660","icon_version":3,"managed_user_id":"","managed_users":{},"migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"První uživatel","password_manager_groups_for_domains":[3,6,null,null,null,null,8,null,2],"per_host_zoom_levels":{}},"protection":{"macs":{"extensions":null}},"reverse_autologin":{"enabled":false},"safebrowsing":{"extended_reporting_enabled":false},"savefile":{"default_directory":"C:\\Users\\Zuzana\\Documents\\Plocha\\backgrounds"},"selectfile":{"last_directory":"C:\\Users\\Zuzana\\Desktop"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13034394137712820","urls_to_restore_on_startup":null},"shelf_alignment_local":"Bottom","spellcheck":{"dictionary":"cs","use_spelling_service":false},"sync":{"acknowledged_types":["Bookmarks","Preferences","Passwords","Autofill Profiles","Autofill","Themes","Typed URLs","Extensions","Search Engines","Sessions","Apps","App settings","Extension settings","History Delete Directives","Dictionary","Favicon Images","Favicon Tracking","Device Info","Priority Preferences","Managed User Settings","Managed Users","Managed User Shared Settings","Articles","App List","Tabs","Encryption keys"],"app_list":true,"app_settings":true,"apps":true,"autofill":true,"autofill_profile":true,"autofill_wallet":true,"bookmarks":true,"dictionary":true,"extension_settings":true,"extensions":true,"favicon_images":true,"favicon_tracking":true,"history_delete_directives":true,"keep_everything_synced":true,"managed_user_settings":true,"managed_user_shared_settings":true,"managed_user_whitelists":true,"managed_users":true,"memory_warning_count":79,"passwords":true,"preferences":true,"priority_preferences":true,"search_engines":true,"session_sync_guid":"session_syncxsH6YOQyPvaPrEwIsYokeA==","sessions":true,"shutdown_cleanly":false,"suppress_start":false,"synced_notifications":true,"tabs":true,"themes":true,"typed_urls":true},"sync_promo":{"show_ntp_bubble":false,"startup_count":7,"user_skipped":true,"view_count":7},"synced_notification":{"enabled_sending_services":["Google+"],"first_run":false,"initialized_sending_services":["Google+"]},"translate_accepted_count":{"cs":1,"de":0,"el":0,"en":0,"es":0,"fr":0,"hu":0,"it":0,"lt":0,"no":0,"pl":0,"pt":0,"ro":0,"ru":0,"sk":0,"sv":0,"tr":0,"zh-CN":0},"translate_blocked_languages":["cs","nl"],"translate_denied_count":{"cs":0,"de":6,"el":1,"en":3,"es":13,"fr":51,"hu":31,"it":3,"lt":1,"no":1,"pl":4,"pt":7,"ro":3,"ru":3,"sk":98,"sv":1,"zh-CN":1},"translate_denied_count_for_language":{"en":2,"fr":2,"tr":1},"translate_language_blacklist":["nl"],"translate_last_denied_time":1.415961e+12,"translate_last_denied_time_for_language":{"en":1.438171e+12,"fr":1.438184e+12,"tr":1440103570921.701},"translate_too_often_denied":true,"translate_too_often_denied_for_language":{"en":true,"fr":true},"translate_whitelists":{},"webkit":{"webprefs":{"allow_running_insecure_content":true}},"zerosuggest":{"cachedresults":""}}

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{3B8183ED-28F9-4A17-9245-90E1108641D0} Bing Url="http://www.bing.com/search?q={searchTer ... &pc=MASEJS"
{A5229421-BDDC-4C9D-A484-5454064B3295} eBay Url="http://rover.ebay.com/rover/1/710-42480 ... earchTerms}"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=s ... earchTerms}"

==== Reset Google Chrome ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{80C159B8-8488-5173-BF1E-1AA7F7B17144} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ADDE2424-73A1-A66C-E679-10F192E54915} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B4BABE9F-47A8-AFBB-1B14-2C41355F8467} deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Zuzana\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Zuzana\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Zuzana\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Zuzana\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1323 folders=168 154119639 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\Zuzana\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Zuzana\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 24. 08. 2015 at 20:47:01,19 ======================

#20 Příspěvek od **Márty84** » 25 srp 2015 23:33

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

LolaBe · #21 Příspěvek od **LolaBe** » 28 srp 2015 21:20

Zdravim, zde je prvni log.

OTL logfile created on: 28. 8. 2015 20:02:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zuzana\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17937)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d. M. yyyy

3,88 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 60,99% Memory free
6,26 Gb Paging File | 3,58 Gb Available in Paging File | 57,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 433,61 Gb Total Space | 216,07 Gb Free Space | 49,83% Space Free | Partition Type: NTFS

Computer Name: VAIO | User Name: Zuzana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/08/28 19:57:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zuzana\Desktop\OTL.exe
PRC - [2015/08/26 08:52:01 | 006,111,824 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015/08/18 07:23:54 | 000,813,896 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/08/03 21:00:55 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015/08/03 21:00:40 | 000,109,008 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2015/07/23 05:16:32 | 002,266,800 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
PRC - [2015/07/23 05:16:24 | 002,303,152 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2015/07/22 17:02:46 | 000,156,336 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
PRC - [2015/07/22 15:33:42 | 000,174,256 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
PRC - [2015/07/22 15:33:12 | 000,680,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
PRC - [2015/07/22 01:02:22 | 031,535,264 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
PRC - [2015/07/17 23:16:21 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
PRC - [2015/07/16 18:39:26 | 005,521,792 | ---- | M] (Joyent, Inc) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
PRC - [2015/07/15 19:57:58 | 001,011,872 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
PRC - [2015/05/22 16:53:34 | 000,059,928 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2013/11/22 13:51:38 | 000,021,864 | ---- | M] (Promethean) -- C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe
PRC - [2013/09/07 02:27:46 | 000,323,584 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2013/08/07 15:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/08/07 15:24:00 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/04/22 09:43:52 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2013/04/22 09:40:04 | 000,270,192 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2012/09/06 10:48:44 | 001,688,008 | R--- | M] (Western Digital) -- C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
PRC - [2012/08/18 06:36:14 | 000,188,072 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2012/08/18 06:36:14 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
PRC - [2012/08/18 01:04:28 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2012/08/06 19:54:48 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/08/06 19:53:51 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/08/06 19:52:02 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/08/06 19:43:50 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/27 16:08:52 | 000,474,208 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2012/07/27 16:03:40 | 000,724,576 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
PRC - [2012/06/25 15:47:22 | 000,152,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
PRC - [2011/09/22 18:30:58 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2010/04/05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe

========== Modules (No Company Name) ==========

MOD - [2015/08/18 07:23:51 | 001,405,768 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
MOD - [2015/08/18 07:23:50 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
MOD - [2015/08/12 17:24:15 | 007,787,008 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e7dd54337058ee9fc1918ad615cdb185\System.Xml.ni.dll
MOD - [2015/08/12 17:24:07 | 012,897,280 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\b4f1dda828494fc76aa1ba8c9d4c5645\System.Windows.Forms.ni.dll
MOD - [2015/08/12 17:23:51 | 019,547,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\331c10772cb1bc5444b9bda1e605cfa7\System.ServiceModel.ni.dll
MOD - [2015/08/12 17:23:27 | 002,803,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\78d0c41c620debaa923cfc196824adc1\System.Runtime.Serialization.ni.dll
MOD - [2015/08/12 17:23:18 | 001,639,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2fd03fa85d6a91f0ee14d21571369a26\System.Drawing.ni.dll
MOD - [2015/08/12 17:23:02 | 000,967,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\bd583bdbb9ef33ee379f1ab9907eda7c\System.Configuration.ni.dll
MOD - [2015/08/03 21:00:58 | 000,102,864 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015/08/03 21:00:57 | 000,123,976 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015/07/22 15:32:36 | 036,732,592 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
MOD - [2015/07/22 01:02:22 | 031,535,264 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
MOD - [2015/07/18 17:55:53 | 006,982,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ccb5b082512497c88f8e84017a66a2d5\System.Core.ni.dll
MOD - [2015/07/18 17:55:47 | 010,069,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\487c38839683ae7c3d773386adc02b18\System.ni.dll
MOD - [2015/07/18 17:55:40 | 017,207,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
MOD - [2015/07/16 18:39:24 | 000,121,856 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-imslib\node_modules\ref\build\Release\binding.node
MOD - [2015/07/16 18:39:22 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
MOD - [2015/07/16 18:39:22 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
MOD - [2015/07/16 18:39:22 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-imslib\node_modules\ffi\build\Release\ffi_bindings.node
MOD - [2015/07/16 18:39:22 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ws\build\Release\validation.node
MOD - [2015/07/16 18:39:22 | 000,081,408 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
MOD - [2015/07/16 18:39:20 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ws\build\Release\bufferutil.node
MOD - [2015/04/23 16:55:51 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2012/06/25 15:47:26 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
MOD - [2012/06/25 15:47:25 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
MOD - [2012/06/25 15:47:23 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
MOD - [2012/06/25 15:47:23 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
MOD - [2012/06/25 15:47:23 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
MOD - [2012/06/25 15:47:20 | 000,891,392 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
MOD - [2012/06/25 15:47:20 | 000,339,456 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
MOD - [2012/06/25 15:47:20 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ServiceManagerStarter.dll
MOD - [2012/06/25 15:47:20 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
MOD - [2012/06/25 15:47:20 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
MOD - [2012/06/25 15:47:19 | 002,281,984 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
MOD - [2012/06/25 15:47:17 | 000,443,904 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\DeviceProfile.dll
MOD - [2011/08/06 19:28:46 | 002,078,208 | ---- | M] () -- C:\Program Files (x86)\webcamXP 5\IPCameraRTSP.ax

========== Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2015/08/03 21:00:55 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2015/08/03 21:00:40 | 000,109,008 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2015/07/07 11:39:32 | 000,366,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2015/07/07 11:39:32 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2015/05/30 21:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2015/05/25 15:07:50 | 001,430,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015/05/22 16:53:34 | 000,059,928 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2015/05/12 15:19:37 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2015/05/07 17:21:51 | 000,522,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2015/02/21 01:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2015/02/04 17:29:52 | 000,377,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe -- (USER_ESRV_SVC)
SRV:64bit: - [2015/02/04 17:29:52 | 000,377,768 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe -- (ESRV_SVC)
SRV:64bit: - [2014/10/31 06:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/29 05:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/10/29 05:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/10/29 04:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2014/10/29 04:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2014/10/29 04:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2014/10/29 04:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2014/10/29 04:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2014/10/29 03:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2014/10/29 03:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2014/10/29 03:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2014/10/29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/10/29 03:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2014/10/29 03:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2014/10/29 03:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2014/10/29 03:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2014/10/29 03:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2014/10/29 03:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/10/29 03:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2014/10/29 03:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/10/29 03:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/10/29 03:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/10/29 03:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2014/10/29 02:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2014/10/29 02:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/10/29 02:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/10/29 02:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/02/28 17:05:06 | 001,642,544 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2013/11/22 13:51:38 | 000,021,864 | ---- | M] (Promethean) [Auto | Running] -- C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe -- (ActivControl)
SRV:64bit: - [2013/08/07 15:24:00 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2012/07/19 19:55:44 | 000,476,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2012/04/20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2015/08/16 14:07:01 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/07/22 15:33:12 | 000,680,112 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe -- (AdobeUpdateService)
SRV - [2015/06/18 08:39:50 | 001,133,880 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/05/07 17:05:40 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/10/29 05:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/29 03:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 03:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/12/21 01:02:54 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/12/05 21:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/28 05:45:04 | 000,625,240 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe -- (NetworkSupport)
SRV - [2013/09/07 02:52:20 | 000,312,448 | ---- | M] (Windows (R) Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/09/07 02:27:46 | 000,323,584 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2013/04/22 09:43:52 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2013/04/22 09:40:04 | 000,270,192 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2012/08/18 06:36:14 | 000,068,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2012/08/08 11:56:22 | 000,972,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2012/08/08 11:56:18 | 000,460,512 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2012/08/08 11:23:30 | 000,123,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2012/08/08 11:23:30 | 000,078,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2012/08/06 19:54:48 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/08/06 19:53:51 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/08/06 19:52:02 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/08/06 19:43:50 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/27 16:08:52 | 000,474,208 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012/07/26 19:05:56 | 002,445,968 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/09/22 18:30:58 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2011/07/27 21:58:30 | 005,023,744 | ---- | M] (Moonware Studios) [On_Demand | Stopped] -- C:\Program Files (x86)\webcamXP 5\wService.exe -- (wxpSvc)
SRV - [2010/10/12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/04/05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2015/08/16 13:46:47 | 001,048,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2015/08/03 21:01:12 | 000,447,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2015/08/03 21:01:12 | 000,274,808 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015/08/03 21:01:12 | 000,150,672 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015/08/03 21:01:12 | 000,093,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2015/08/03 21:01:12 | 000,090,968 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2015/08/03 21:01:12 | 000,065,224 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015/08/03 21:01:12 | 000,028,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2015/08/03 21:00:47 | 000,028,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2015/08/03 21:00:41 | 000,454,016 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdisFlt.sys -- (aswNdisFlt)
DRV:64bit: - [2015/07/30 01:29:11 | 000,013,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\semav6thermal64ro.sys -- (semav6thermal64ro)
DRV:64bit: - [2015/07/07 11:40:12 | 000,044,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2015/07/07 11:40:05 | 000,270,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2015/07/07 11:40:05 | 000,114,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2015/06/18 08:42:02 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2015/06/18 08:41:40 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/05/27 11:13:24 | 000,626,888 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2015/05/27 11:13:24 | 000,042,696 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2015/04/30 00:01:06 | 000,023,200 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2015/04/16 08:17:07 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2015/03/20 03:56:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2015/03/17 19:26:06 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2015/03/13 06:03:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2015/03/09 04:02:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2015/03/04 12:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/10/29 05:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/10/29 05:59:12 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/10/29 05:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/10/29 05:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/10/29 04:47:48 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2014/10/29 04:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2014/10/29 04:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2014/10/29 04:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/10/29 04:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2014/10/29 04:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2014/10/15 10:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/10/13 04:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/10/13 04:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/10/07 08:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/10/07 08:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2014/08/15 23:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/08/15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/03/13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/02/22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/12/30 04:30:23 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/12/21 01:02:44 | 004,216,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/12/15 01:34:54 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/12/15 01:34:54 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/12/08 02:53:55 | 000,044,640 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswTap.sys -- (aswTap)
DRV:64bit: - [2013/12/04 20:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/14 09:28:58 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 09:25:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 09:16:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/25 15:07:06 | 003,837,440 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2013/09/07 02:29:14 | 000,594,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/09/07 02:29:14 | 000,428,488 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_vdp.sys -- (BTATH_VDP)
DRV:64bit: - [2013/09/07 02:29:14 | 000,338,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/09/07 02:29:14 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/09/07 02:29:14 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/09/07 02:29:14 | 000,116,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/09/07 02:29:14 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/09/07 02:29:14 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/09/07 02:29:14 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/07 15:23:46 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/25 17:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2013/06/18 16:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/08/21 15:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/20 18:30:34 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/08/06 19:48:09 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/07/26 19:06:29 | 000,339,600 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012/07/11 14:33:28 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2012/06/11 04:43:12 | 000,024,280 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sows.sys -- (SOWS)
DRV:64bit: - [2011/11/03 05:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/07/13 16:00:14 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/06/02 16:56:52 | 000,015,360 | ---- | M] (Datacolor) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dccmtr.sys -- (Spyder4)
DRV:64bit: - [2005/09/24 00:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)

========== Standard Registry (SafeList) ==========

LolaBe · #22 Příspěvek od **LolaBe** » 28 srp 2015 21:21

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=s ... earchTerms}

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu [binary data]
IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\..\SearchScopes\{3B8183ED-28F9-4A17-9245-90E1108641D0}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MASEJS
IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\..\SearchScopes\{A5229421-BDDC-4C9D-A484-5454064B3295}: "URL" = http://rover.ebay.com/rover/1/710-42480 ... earchTerms}
IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=s ... earchTerms}
IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "BE"
FF - prefs.js..browser.search.defaultthis.engineName: "Seznam"
FF - prefs.js..browser.search.region: "BE"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: 6a1a03975fde4c8690f6b883c36bc1%407d88519bfe704d8cae3851239.com:0.95.79
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll File not found
FF - HKCU\Software\MozillaPlugins\wondershare.com/FantashowPlugin: C:\Program Files (x86)\Wondershare\Fantashow\npFantashowPlugin.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/08/03 21:00:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/07/17 23:26:07 | 000,000,000 | ---D | M]

[2013/03/17 15:37:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zuzana\AppData\Roaming\mozilla\Extensions
[2015/08/24 00:21:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zuzana\AppData\Roaming\mozilla\Firefox\Profiles\ckunuyrk.default\extensions
[2014/09/10 20:48:45 | 000,002,427 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\mozilla\firefox\profiles\ckunuyrk.default\searchplugins\seznam-avast.xml
[2013/08/30 13:22:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/08/28 04:33:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/19 19:19:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013/11/19 19:19:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_1\
CHR - Extension: No name found = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\
CHR - Extension: No name found = C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2015/08/24 00:42:06 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [ActivManager] C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe ()
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe (iSkySoft)
O4 - HKLM..\Run: [Nástroj WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
O4 - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001..\Run: [OneDrive] C:\Users\Zuzana\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8:64bit: - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.131.133 195.130.130.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{983CE5AE-FB13-47EA-9BEC-2FDD94D72B0D}: DhcpNameServer = 195.130.130.133 195.130.131.133
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B83DD200-C08A-434E-898A-1F69FFF06485}: DhcpNameServer = 195.130.131.133 195.130.130.5
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b3c4fa58-153c-11e3-be8f-083e8eb8f4ec}\Shell - "" = AutoRun
O33 - MountPoints2\{b3c4fa58-153c-11e3-be8f-083e8eb8f4ec}\Shell\AutoRun\command - "" = "I:\WD Drive Unlock.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.bdmpeg - bdmpega64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.mjpg - bdmjpeg64.dll ()
Drivers32:64bit: vidc.mpeg - bdmpegv64.dll ()
Drivers32: msacm.bdmpeg - C:\WINDOWS\SysWow64\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\WINDOWS\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\SysWow64\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: VIDC.LWLR - C:\WINDOWS\SysWow64\RGBAcodec.dll ()
Drivers32: vidc.mpeg - C:\WINDOWS\SysWow64\bdmpegv.dll ()
Drivers32: vidc.tscc - C:\WINDOWS\SysWow64\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\WINDOWS\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015/08/28 19:57:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Zuzana\Desktop\OTL.exe
[2015/08/24 20:47:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015/08/24 01:11:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2015/08/24 01:11:11 | 000,000,000 | ---D | C] -- C:\Users\Zuzana\AppData\Local\Temp
[2015/08/24 00:36:37 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2015/08/22 13:29:19 | 001,798,576 | ---- | C] (Malwarebytes Corporation) -- C:\Users\Zuzana\Desktop\JRT.exe
[2015/08/21 19:25:17 | 000,000,000 | ---D | C] -- C:\Users\Zuzana\Documents\foto zahrada
[2015/08/20 15:23:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015/08/20 15:22:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015/08/20 15:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015/08/20 15:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015/08/12 15:03:28 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2015/08/12 15:03:28 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2015/08/12 04:41:52 | 007,458,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/08/12 04:41:52 | 001,735,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/08/12 04:41:16 | 002,228,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015/08/12 04:41:16 | 000,136,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015/08/12 04:41:15 | 000,891,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015/08/12 04:41:15 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015/08/12 04:41:13 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2015/08/12 04:41:13 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015/08/12 04:41:12 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015/08/12 04:41:12 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015/08/12 04:41:11 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015/08/12 04:41:11 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015/08/12 04:41:11 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015/08/12 04:40:05 | 005,923,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2015/08/12 04:39:59 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2015/08/12 04:39:58 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2015/08/12 04:39:57 | 002,880,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2015/08/12 04:39:56 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2015/08/12 04:39:55 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2015/08/12 04:39:55 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2015/08/12 04:39:54 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2015/08/12 04:39:53 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2015/08/12 04:39:52 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015/08/12 04:39:52 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2015/08/12 04:39:52 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2015/08/12 04:39:51 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2015/08/12 04:39:51 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015/08/12 04:38:35 | 018,823,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2015/08/12 04:38:33 | 015,159,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2015/08/12 04:38:31 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2015/08/12 04:38:28 | 001,116,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/08/12 04:38:28 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/08/12 04:38:28 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/08/12 04:38:27 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/08/12 04:38:27 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/08/12 04:38:27 | 000,025,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2015/08/12 04:38:26 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2015/08/12 04:38:21 | 000,270,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2015/08/12 04:38:19 | 000,044,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2015/08/12 04:38:18 | 000,114,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2015/08/12 04:37:00 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\csrsrv.dll
[2015/08/12 04:36:59 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basesrv.dll
[2015/08/12 04:36:58 | 000,487,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2015/08/12 04:36:58 | 000,393,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2015/08/12 04:36:54 | 000,536,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcupdate_GenuineIntel.dll
[2015/08/12 04:36:52 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2015/08/12 04:36:51 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2015/08/12 04:36:49 | 007,032,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2015/08/12 04:36:48 | 006,213,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2015/08/12 04:36:47 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2015/08/12 04:36:47 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2015/08/12 04:36:36 | 001,994,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2015/08/12 04:36:36 | 000,358,912 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2015/08/12 04:36:35 | 000,301,568 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2015/08/12 04:36:35 | 000,044,032 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2015/08/12 04:36:35 | 000,035,840 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2015/08/10 22:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2015/08/10 22:42:49 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2015/08/10 21:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/08/10 21:00:37 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2015/08/10 21:00:23 | 000,176,040 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2015/08/10 21:00:23 | 000,176,040 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2015/08/10 21:00:23 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2015/08/10 21:00:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2015/08/10 20:58:47 | 000,320,424 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe
[2015/08/10 20:58:33 | 000,189,864 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe
[2015/08/10 20:58:33 | 000,189,864 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe
[2015/08/10 20:58:33 | 000,111,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll
[2015/08/04 21:33:28 | 000,000,000 | ---D | C] -- C:\Users\Zuzana\Documents\Intelli-studio
[2015/08/04 21:05:29 | 000,000,000 | ---D | C] -- C:\Users\Zuzana\Documents\Plocha
[2015/08/03 21:01:17 | 000,378,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2015/08/03 21:00:59 | 000,043,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2015/08/03 21:00:40 | 000,454,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswNdisFlt.sys
[2015/07/30 01:34:13 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care

========== Files - Modified Within 30 Days ==========

[2015/08/28 20:06:37 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/08/28 20:01:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/08/28 19:57:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zuzana\Desktop\OTL.exe
[2015/08/28 19:54:15 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/08/27 13:20:35 | 000,008,192 | ---- | M] () -- C:\WINDOWS\SysWow64\WDPABKP.dat
[2015/08/27 13:13:22 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/08/27 13:13:19 | 3334,701,056 | -HS- | M] () -- C:\hiberfil.sys
[2015/08/24 00:42:06 | 000,000,753 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2015/08/24 00:36:37 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2015/08/24 00:34:07 | 001,308,672 | ---- | M] () -- C:\Users\Zuzana\Desktop\zoek.exe
[2015/08/22 21:51:45 | 000,865,408 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/08/22 21:51:45 | 000,723,514 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/08/22 21:51:45 | 000,136,128 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/08/22 13:29:36 | 001,798,576 | ---- | M] (Malwarebytes Corporation) -- C:\Users\Zuzana\Desktop\JRT.exe
[2015/08/20 15:23:42 | 000,001,765 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/08/16 13:46:47 | 001,048,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsnx.sys
[2015/08/12 11:13:57 | 005,267,824 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2015/08/10 21:40:39 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/08/10 21:00:14 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2015/08/10 21:00:12 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2015/08/10 21:00:12 | 000,176,040 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2015/08/10 21:00:12 | 000,176,040 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2015/08/10 20:58:22 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll
[2015/08/10 20:58:21 | 000,320,424 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe
[2015/08/10 20:58:21 | 000,189,864 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe
[2015/08/10 20:58:21 | 000,189,864 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe
[2015/08/09 15:28:56 | 000,001,233 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2015/08/08 15:55:08 | 000,794,088 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/08/08 15:55:08 | 000,179,688 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/08/04 22:02:26 | 000,001,456 | ---- | M] () -- C:\Users\Zuzana\Desktop\Google Chrome.lnk
[2015/08/04 21:58:54 | 000,001,065 | ---- | M] () -- C:\Users\Zuzana\Desktop\Mozilla Firefox.lnk
[2015/08/04 21:58:33 | 000,002,300 | ---- | M] () -- C:\Users\Zuzana\Desktop\The Sims™ 3.lnk
[2015/08/04 21:58:19 | 000,001,086 | ---- | M] () -- C:\Users\Zuzana\Desktop\VLC media player.lnk
[2015/08/03 23:26:23 | 000,001,456 | ---- | M] () -- C:\Users\Zuzana\AppData\Local\Adobe Save for Web 13.0 Prefs
[2015/08/03 21:01:12 | 000,447,944 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2015/08/03 21:01:12 | 000,378,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2015/08/03 21:01:12 | 000,274,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2015/08/03 21:01:12 | 000,150,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2015/08/03 21:01:12 | 000,093,528 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2015/08/03 21:01:12 | 000,090,968 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2015/08/03 21:01:12 | 000,065,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2015/08/03 21:01:12 | 000,028,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2015/08/03 21:00:59 | 000,043,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2015/08/03 21:00:47 | 000,028,144 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys
[2015/08/03 21:00:41 | 000,454,016 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswNdisFlt.sys
[2015/08/03 19:18:17 | 000,113,880 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2015/07/31 11:46:47 | 000,001,334 | ---- | M] () -- C:\Users\Zuzana\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/07/31 11:46:47 | 000,001,041 | ---- | M] () -- C:\Users\Zuzana\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/07/30 16:04:44 | 000,124,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2015/07/30 15:48:07 | 000,103,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2015/07/30 01:29:11 | 000,013,792 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\semav6thermal64ro.sys

========== Files Created - No Company Name ==========

[2015/08/28 20:06:37 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/08/24 01:11:12 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2015/08/24 00:34:03 | 001,308,672 | ---- | C] () -- C:\Users\Zuzana\Desktop\zoek.exe
[2015/08/20 15:23:42 | 000,001,765 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/08/12 04:40:21 | 000,411,133 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2015/08/10 21:40:39 | 000,000,834 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/08/10 20:59:04 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/08/09 20:02:30 | 000,001,242 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk
[2015/08/09 19:56:59 | 000,001,348 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk
[2015/08/09 18:27:01 | 000,001,511 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.lnk
[2015/08/09 17:46:30 | 000,001,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Muse CC 2015.lnk
[2015/08/09 17:32:39 | 000,001,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
[2015/08/09 16:50:59 | 000,001,056 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
[2015/08/09 16:25:58 | 000,001,134 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.lnk
[2015/08/09 15:52:56 | 000,001,122 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
[2015/08/09 15:28:56 | 000,001,233 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2015/08/04 21:58:54 | 000,001,065 | ---- | C] () -- C:\Users\Zuzana\Desktop\Mozilla Firefox.lnk
[2015/08/04 21:58:47 | 000,001,456 | ---- | C] () -- C:\Users\Zuzana\Desktop\Google Chrome.lnk
[2015/08/04 21:58:33 | 000,002,300 | ---- | C] () -- C:\Users\Zuzana\Desktop\The Sims™ 3.lnk
[2015/08/04 21:58:19 | 000,001,086 | ---- | C] () -- C:\Users\Zuzana\Desktop\VLC media player.lnk
[2015/07/30 01:34:13 | 000,002,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
[2015/04/15 15:40:46 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysWow64\WDPABKP.dat
[2015/04/05 14:06:47 | 000,004,966 | ---- | C] () -- C:\ProgramData\wmzddnmb.cix
[2015/03/12 02:34:41 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2015/03/12 02:25:58 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/01/28 17:26:05 | 000,000,193 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2015/01/19 18:19:43 | 002,061,824 | ---- | C] () -- C:\WINDOWS\SysWow64\QtNetworkTR4.dll
[2015/01/19 18:19:42 | 000,363,520 | ---- | C] () -- C:\WINDOWS\SysWow64\QtSvgTR4.dll
[2015/01/19 18:19:41 | 008,500,224 | ---- | C] () -- C:\WINDOWS\SysWow64\QtGuiTR4.dll
[2015/01/19 18:19:41 | 002,522,112 | ---- | C] () -- C:\WINDOWS\SysWow64\QtCoreTR4.dll
[2014/12/16 06:16:58 | 000,033,928 | ---- | C] () -- C:\WINDOWS\SysWow64\RGBAcodec.dll
[2014/04/22 21:09:05 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2013/12/21 01:02:44 | 000,280,064 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/12/21 01:02:40 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/12/21 01:02:40 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/11/22 13:52:00 | 000,190,824 | ---- | C] () -- C:\WINDOWS\libactivboardex.dll
[2013/08/15 23:27:07 | 000,003,584 | ---- | C] () -- C:\Users\Zuzana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/02 20:23:31 | 000,001,456 | ---- | C] () -- C:\Users\Zuzana\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013/04/18 09:18:04 | 000,601,088 | ---- | C] () -- C:\Users\Zuzana\AppData\Roaming\SharedSettings.ccs

========== ZeroAccess Check ==========

[2014/08/02 00:35:37 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/05/07 19:50:50 | 022,292,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/05/07 18:53:12 | 019,734,960 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 03:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 02:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 03:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/05/01 08:31:50 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2014/05/01 08:31:50 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013/03/27 18:35:39 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Seznam.cz
[2014/11/21 18:01:30 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\.AdobeDRMRemoval
[2013/08/22 18:33:33 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Acoustica
[2015/01/12 16:12:21 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\ACTIV Software
[2013/12/13 11:38:04 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\AVAST Software
[2014/04/10 19:17:29 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\AVG2014
[2013/08/15 22:38:26 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\BANDISOFT
[2013/03/13 18:45:47 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Canon
[2014/02/14 14:55:35 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\chc
[2014/02/14 14:55:35 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/02/20 20:48:50 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/04/17 13:00:37 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
[2014/04/22 19:56:51 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Dropbox
[2014/04/22 19:56:50 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\DropboxMaster
[2015/04/04 20:24:57 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\DVDVideoSoft
[2014/10/06 16:37:26 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\EuroTalk
[2013/02/22 17:57:36 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\FreeHideIP
[2013/04/15 16:59:53 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\HellSpy.cz Download Manager
[2013/02/21 18:36:48 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Image-Line
[2013/12/30 00:40:15 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Imagenomic
[2014/10/31 16:43:52 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\iolo
[2014/10/06 16:37:29 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\langmaster.com
[2013/07/10 11:57:40 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\MAGIX
[2015/04/05 14:31:38 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Movavi
[2013/04/15 17:34:39 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\MySQL
[2013/02/19 04:36:23 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\OpenOffice.org
[2013/09/28 20:51:55 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Origin
[2013/03/17 14:52:35 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\PDAppFlex
[2015/01/13 14:49:42 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Promethean
[2015/08/10 22:33:57 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Seznam.cz
[2013/06/07 23:45:09 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\SolidDocuments
[2013/03/17 14:53:39 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/07/04 18:37:36 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\TOPSPIN Solutions, s.r.o
[2014/04/10 19:16:38 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\TuneUp Software
[2013/02/08 18:26:52 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\WildTangent
[2014/11/20 19:10:11 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\XMind

========== Purity Check ==========

========== Custom Scans ==========

< >
[2013/08/22 16:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2015/08/10 20:59:04 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2014/05/03 17:52:01 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\AGP440.sys
[2014/09/19 02:59:54 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys
[2015/07/10 12:30:50 | 000,063,328 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\AGP440.sys
[2015/07/10 12:30:50 | 000,063,328 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_c357541563097b98\AGP440.sys
[2015/07/10 12:30:50 | 000,063,328 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_10.0.10240.16384_none_c2135eea595e241e\AGP440.sys

< MD5 for: ATAPI.SYS >
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys
[2015/07/10 12:30:51 | 000,028,512 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\atapi.sys
[2015/07/10 12:30:51 | 000,028,512 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_5689072091519d03\atapi.sys
[2015/07/10 12:30:51 | 000,028,512 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_10.0.10240.16384_none_e53899c8bc371940\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2014/05/03 17:54:16 | 000,028,249 | ---- | M] () MD5=0CBDE27FB26761852F7B22AFB8C51ACB -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\WINDOWS\SysNative\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
[2014/05/04 06:38:48 | 000,023,596 | ---- | M] () MD5=83A4C9BE342BC296EC09492FF7594F13 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe
[2015/07/10 12:30:55 | 000,944,640 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\autochk.exe
[2015/07/10 12:30:55 | 000,944,640 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_10.0.10240.16384_none_e9f45ef85c6e6d93\autochk.exe

< MD5 for: CDROM.SYS >
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys
[2015/07/10 12:30:51 | 000,174,080 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\cdrom.sys
[2015/07/10 12:30:51 | 000,174,080 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\cdrom.inf_amd64_db01c84a794e67f7\cdrom.sys
[2015/07/10 12:30:51 | 000,174,080 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_10.0.10240.16384_none_67a9cd913e74b4ee\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2015/04/08 16:42:46 | 000,018,016 | ---- | M] () MD5=14E1348B6D5DD39C23C2F8FE569B52E0 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll
[2014/10/29 03:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\WINDOWS\SysNative\cryptsvc.dll
[2014/10/29 03:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.17415_none_670a944b6e8cc0e5\cryptsvc.dll
[2015/07/10 12:30:56 | 000,077,312 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\cryptsvc.dll
[2015/07/10 12:30:56 | 000,077,312 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_10.0.10240.16384_none_7e000b13357c988d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2015/04/08 16:56:37 | 000,087,190 | ---- | M] () MD5=1BF154F7BFAE2B9E0545FB09946C1817 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_42bfa1f94d79e1bb\explorer.exe
[2014/09/19 03:02:56 | 000,270,774 | ---- | M] () MD5=2195687491E604BA42961470EDA7660E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe
[2014/09/19 03:17:52 | 000,220,250 | ---- | M] () MD5=286928E00AD34E9F88EB5BFA52660A70 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe
[2014/05/11 17:48:04 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2015/04/08 16:56:33 | 000,396,313 | ---- | M] () MD5=426AEABD8DD389A65A8EE92AB5936153 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2015/04/08 19:48:14 | 000,107,122 | ---- | M] () MD5=52063502D4A2E28FEBEA781D0EE5C453 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_4d144c4b81daa3b6\explorer.exe
[2014/09/19 03:02:53 | 000,271,249 | ---- | M] () MD5=667BC926C7CB889BF276A5FEA316CAEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2014/05/11 17:39:42 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/05/04 06:26:34 | 000,238,900 | ---- | M] () MD5=7EFB11341AB1805C1B20169B6FEA9C4D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2015/01/28 01:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\SysWOW64\explorer.exe
[2015/01/28 01:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe
[2015/01/28 01:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\explorer.exe
[2015/01/28 01:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe
[2014/09/19 03:17:47 | 000,208,662 | ---- | M] () MD5=C131BC6F12417306A9C8469CA49110B1 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/05/03 17:59:22 | 000,284,316 | ---- | M] () MD5=C252617200340402DFE4CB9FCA59B193 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2015/04/08 19:48:09 | 000,338,943 | ---- | M] () MD5=E4FD740C3316F1D1C8322471553466C7 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe

< MD5 for: HAL.DLL >
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\WINDOWS\SysNative\hal.dll
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014/08/31 18:56:24 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
[2014/03/23 18:17:12 | 000,014,096 | ---- | M] () MD5=64D2873F32BB723BFFF3F8895032AA35 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll
[2014/05/03 18:00:30 | 000,066,843 | ---- | M] () MD5=D714202F057A317C8E31776EBEA0AEA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16500_none_9c39d4b32d63f333\hal.dll
[2015/07/10 12:30:57 | 000,425,824 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\hal.dll
[2015/07/10 12:30:57 | 000,425,824 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_10.0.10240.16384_none_b3296452f45781f9\hal.dll

< MD5 for: IASTORV.SYS >
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys
[2015/07/10 12:30:50 | 000,412,000 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\iaStorV.sys
[2015/07/10 12:30:50 | 000,412,000 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2015/07/10 12:30:50 | 000,412,000 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_10.0.10240.16384_none_b711c42722754533\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2014/05/03 17:52:01 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\isapnp.sys
[2014/09/19 02:59:54 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys
[2015/07/10 12:30:50 | 000,022,368 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\isapnp.sys
[2015/07/10 12:30:50 | 000,022,368 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_c357541563097b98\isapnp.sys
[2015/07/10 12:30:50 | 000,022,368 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_10.0.10240.16384_none_c2135eea595e241e\isapnp.sys

< MD5 for: LSASS.EXE >
[2014/10/29 05:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\WINDOWS\SysNative\lsass.exe
[2014/10/29 05:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.17415_none_2e769c84660bda1b\lsass.exe
[2015/04/08 17:12:40 | 000,008,089 | ---- | M] () MD5=3FFB8CD649DEDA6497FD97550BE82357 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe
[2015/07/10 12:30:57 | 000,056,344 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\lsass.exe
[2015/07/10 12:30:57 | 000,056,344 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_10.0.10240.16384_none_456c134c2cfbb1c3\lsass.exe

< MD5 for: NDIS.SYS >
[2014/02/24 18:30:08 | 000,046,734 | ---- | M] () MD5=68A9BA38BB275850F91165D1C1FCA8DA -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16408_none_4a6e60adfbbe952c\ndis.sys
[2015/02/05 22:24:44 | 001,113,920 | ---- | M] (Microsoft Corporation) MD5=6D3A2565E01B3E4B0F1BEDB0D4B00B3F -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17673_none_4a1d9ccbfbfbedff\ndis.sys
[2014/05/03 18:09:55 | 000,140,607 | ---- | M] () MD5=7B886741BDAE33AC4F116DF991D1E3CB -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16475_none_4a1fb05bfbfa0cbe\ndis.sys
[2015/07/14 23:59:47 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=97DC5967F65503213FD1F1B3E4A6F983 -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2015/07/14 23:59:47 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=97DC5967F65503213FD1F1B3E4A6F983 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17933_none_4a48e22dfbdb75b0\ndis.sys
[2015/04/08 18:49:32 | 000,080,695 | ---- | M] () MD5=9C48968B0344AD63559D0D080DA66103 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17399_none_4a0df8fdfc06c676\ndis.sys
[2014/09/19 03:10:16 | 000,025,682 | ---- | M] () MD5=D2D6A481A75207BF24E9D48C61B7F012 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys
[2015/04/08 18:49:30 | 000,164,370 | ---- | M] () MD5=ED85CDFC3CB84F6619D2AF6D6E736BC1 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17199_none_4a0df531fc06cc28\ndis.sys
[2015/07/10 12:30:57 | 001,168,736 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\ndis.sys
[2015/07/10 12:30:57 | 001,168,736 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.10240.16384_none_6155efe3c2b95661\ndis.sys

< MD5 for: NETLOGON.DLL >
[2014/10/29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\WINDOWS\SysNative\netlogon.dll
[2014/10/29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_eec2b22a0bb75b53\netlogon.dll
[2014/05/11 17:48:42 | 000,058,552 | ---- | M] () MD5=35048C9600694C3BF01D644D1AAE62BE -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2015/04/08 19:05:56 | 000,125,384 | ---- | M] () MD5=45C2C2EA335BD7FF360C7F006B915766 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2015/04/08 19:59:54 | 000,105,907 | ---- | M] () MD5=B25E2DE4078511EB1747FA0BDB6E4FC5 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2014/10/29 03:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\SysWOW64\netlogon.dll
[2014/10/29 03:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_f9175c7c40181d4e\netlogon.dll
[2014/05/11 17:42:38 | 000,108,975 | ---- | M] () MD5=D817ED82C2A0E1CED9B396826F52F7CB -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll
[2015/07/10 12:30:56 | 000,836,096 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\netlogon.dll
[2015/07/10 12:30:56 | 000,836,096 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.10240.16384_none_05b828f1d2a732fb\netlogon.dll

< MD5 for: NVRAID.SYS >
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys
[2015/07/10 12:30:51 | 000,150,368 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\nvraid.sys
[2015/07/10 12:30:51 | 000,150,368 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_3ee6d81b22b3ea66\nvraid.sys
[2015/07/10 12:30:51 | 000,150,368 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_10.0.10240.16384_none_41db34d659abef0b\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys
[2015/07/10 12:30:51 | 000,166,240 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\nvstor.sys
[2015/07/10 12:30:51 | 000,166,240 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_3ee6d81b22b3ea66\nvstor.sys
[2015/07/10 12:30:51 | 000,166,240 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_10.0.10240.16384_none_41db34d659abef0b\nvstor.sys

< MD5 for: SCECLI.DLL >
[2015/04/08 19:59:17 | 000,042,572 | ---- | M] () MD5=22CDB04B964A8D34C42BB7ED150784F8 -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2015/04/08 19:04:43 | 000,045,911 | ---- | M] () MD5=878EBE290BED3EE6AC21BF4EE1458F67 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll
[2014/10/29 03:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\WINDOWS\SysNative\scecli.dll
[2014/10/29 03:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_2918dd42acd8e20e\scecli.dll
[2014/10/29 03:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\SysWOW64\scecli.dll
[2014/10/29 03:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_336d8794e139a409\scecli.dll
[2015/07/10 12:30:56 | 000,284,672 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\scecli.dll
[2015/07/10 12:30:56 | 000,284,672 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.10240.16384_none_400e540a73c8b9b6\scecli.dll

< MD5 for: SMSS.EXE >
[2014/05/03 18:15:54 | 000,019,120 | ---- | M] () MD5=5FBA1F5F9AA1E09595F015118AE83A36 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\WINDOWS\SysNative\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe
[2015/07/10 12:30:56 | 000,134,832 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\smss.exe
[2015/07/10 12:30:56 | 000,134,832 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_10.0.10240.16384_none_866147f18378b803\smss.exe

< MD5 for: SVCHOST.EXE >
[2015/06/18 08:39:28 | 000,893,752 | ---- | M] (MalwareBytes) MD5=0692C8163852AB5674E2EB3B36131EF3 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2015/04/08 20:34:32 | 000,007,517 | ---- | M] () MD5=73AA583D4FB0F05C313B38C091D94804 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2015/04/08 19:09:20 | 000,007,559 | ---- | M] () MD5=CFE97816CBBEF783FD8634109F1877D2 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
[2014/10/29 05:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\SysWOW64\svchost.exe
[2014/10/29 05:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_4aa7b90420adbfab\svchost.exe
[2014/10/29 06:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\WINDOWS\SysNative\svchost.exe
[2014/10/29 06:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_a6c65487d90b30e1\svchost.exe
[2015/07/10 12:30:56 | 000,039,856 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\svchost.exe
[2015/07/10 12:30:56 | 000,039,856 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.10240.16384_none_bdbbcb4f9ffb0889\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/02/24 18:33:38 | 000,210,441 | ---- | M] () MD5=01941724D120729E2B680B22F05D4123 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2014/03/16 23:56:28 | 000,271,861 | ---- | M] () MD5=2102610D6FD1D928A3D7155077A78B82 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2014/05/11 17:44:16 | 000,481,295 | ---- | M] () MD5=2F83A7537A9B8CF98E6B4710A3E3D381 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2014/10/29 05:52:15 | 002,485,056 | ---- | M] (Microsoft Corporation) MD5=468273F7089A3A33D149955F0F203FA4 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17415_none_a4290d393a23b3f2\tcpip.sys
[2014/10/19 23:00:51 | 000,445,111 | ---- | M] () MD5=5F46548648648BE21060C8DED2B56238 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17238_none_a4166a733a313d8b\tcpip.sys
[2015/06/11 22:12:57 | 002,476,376 | ---- | M] (Microsoft Corporation) MD5=746DDF7D59AB8D721C88D48434597E8D -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2015/06/11 22:12:57 | 002,476,376 | ---- | M] (Microsoft Corporation) MD5=746DDF7D59AB8D721C88D48434597E8D -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17903_none_a431e60f3a1d5716\tcpip.sys
[2014/08/31 19:08:04 | 000,223,198 | ---- | M] () MD5=889B53B7C56665B0277CC00EF4051DE4 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17085_none_a3dd562d3a5c82ed\tcpip.sys
[2014/10/20 00:08:50 | 000,446,400 | ---- | M] () MD5=96F67EB5FD0CF6809C15A9530C68A8B7 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
[2014/10/19 23:00:47 | 000,447,007 | ---- | M] () MD5=CBBC133323549D9091F012AE8B8A3BBA -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys
[2015/04/08 19:21:50 | 000,409,864 | ---- | M] () MD5=D0C41590A1BCB4C0BD592D8AB976FE2F -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17336_none_a4146bc53a330804\tcpip.sys
[2014/11/20 00:53:03 | 000,241,540 | ---- | M] () MD5=E7D9CAEE2A6C4007CB85632A13D4EEF3 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17278_none_a3eb2ac33a51ad4f\tcpip.sys
[2015/07/10 12:30:57 | 002,430,816 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\tcpip.sys
[2015/07/10 12:30:57 | 002,430,816 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-tcpip-driver_31bf3856ad364e35_10.0.10240.16384_none_dff8f76051dbe4bb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2015/04/08 19:24:45 | 000,002,671 | ---- | M] () MD5=061AC3BD7ADC5DCBA6AC0F23895266F8 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2015/04/08 20:41:53 | 000,004,269 | ---- | M] () MD5=1AE98168631581DE1343C3A87A6CBCA9 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
[2014/10/29 03:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\WINDOWS\SysNative\userinit.exe
[2014/10/29 03:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_cd33b4fca56d6b07\userinit.exe
[2014/10/29 03:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\SysWOW64\userinit.exe
[2014/10/29 03:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_71151978ed0ff9d1\userinit.exe
[2015/07/10 12:30:56 | 000,030,720 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\userinit.exe
[2015/07/10 12:30:56 | 000,030,720 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_10.0.10240.16384_none_e4292bc46c5d42af\userinit.exe

< MD5 for: WINLOGON.EXE >
[2015/06/18 08:39:28 | 000,893,752 | ---- | M] (MalwareBytes) MD5=0692C8163852AB5674E2EB3B36131EF3 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2015/04/08 19:29:01 | 000,100,951 | ---- | M] () MD5=A176623494AF009927242266EF51DCFB -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014/05/04 03:20:44 | 000,089,459 | ---- | M] () MD5=E40DC8DF924E02F04F3620DBAC1ACE31 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2014/10/29 03:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/10/29 03:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17415_none_60cdfbfda8aeeef1\winlogon.exe
[2015/07/10 12:30:56 | 000,578,048 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\winlogon.exe
[2015/07/10 12:30:56 | 000,578,048 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.10240.16384_none_77c372c56f9ec699\winlogon.exe

< MD5 for: WS2_32.DLL >
[2014/10/29 05:05:15 | 000,321,248 | ---- | M] (Microsoft Corporation) MD5=34E71A52A1BFA68411CAECCFB6D72F8C -- C:\Windows\SysWOW64\ws2_32.dll
[2014/10/29 05:05:15 | 000,321,248 | ---- | M] (Microsoft Corporation) MD5=34E71A52A1BFA68411CAECCFB6D72F8C -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.17415_none_87a41025e9b6078a\ws2_32.dll
[2014/10/29 05:51:53 | 000,363,080 | ---- | M] (Microsoft Corporation) MD5=3A0B3B44C263DB1823360FF3E5C223CE -- C:\WINDOWS\SysNative\ws2_32.dll
[2014/10/29 05:51:53 | 000,363,080 | ---- | M] (Microsoft Corporation) MD5=3A0B3B44C263DB1823360FF3E5C223CE -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.17415_none_e3c2aba9a21378c0\ws2_32.dll
[2015/04/08 20:44:21 | 000,062,052 | ---- | M] () MD5=58D09EFD883813FC9709A9D98A7209DF -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2015/04/08 19:26:46 | 000,065,749 | ---- | M] () MD5=F77C96590EA4741EB62B0FBC7A9FFFE8 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll
[2015/07/10 12:30:57 | 000,422,560 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\ws2_32.dll
[2015/07/10 12:30:57 | 000,422,560 | ---- | M] () Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.10240.16384_none_fab8227169035068\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\WINDOWS\Inf\Intel Storage Counters\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\*.tmp -> ]
[1 C:\WINDOWS\Inf\Intel Storage Counters\0000\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\0000\*.tmp -> ]
[1 C:\WINDOWS\Inf\Intel Storage Counters\0009\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\0009\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/11/21 18:01:30 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\.AdobeDRMRemoval
[2013/08/22 18:33:33 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Acoustica
[2015/01/12 16:12:21 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\ACTIV Software
[2015/08/09 19:56:49 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Adobe
[2014/11/21 17:58:45 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\AdobeDRMRemoval
[2013/02/25 22:41:48 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\AdobeMuse
[2013/05/05 18:41:31 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Apple Computer
[2013/08/26 12:53:29 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\ArcSoft
[2014/01/03 17:42:44 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Atheros
[2013/12/13 11:38:04 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\AVAST Software
[2014/04/10 19:17:29 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\AVG2014
[2013/08/15 22:38:26 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\BANDISOFT
[2013/03/13 18:45:47 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Canon
[2014/02/14 14:55:35 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\chc
[2014/02/14 14:55:35 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/02/20 20:48:50 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/04/17 13:00:37 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
[2014/06/29 18:43:39 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\CyberLink
[2014/05/27 12:18:42 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\DivX
[2014/04/22 19:56:51 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Dropbox
[2014/04/22 19:56:50 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\DropboxMaster
[2015/05/09 18:42:27 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\dvdcss
[2015/04/04 20:24:57 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\DVDVideoSoft
[2014/10/06 16:37:26 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\EuroTalk
[2013/02/22 17:57:36 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\FreeHideIP
[2013/04/15 16:59:53 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\HellSpy.cz Download Manager
[2013/02/07 19:26:07 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Identities
[2013/02/21 18:36:48 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Image-Line
[2013/12/30 00:40:15 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Imagenomic
[2014/01/03 17:45:07 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Intel Corporation
[2015/08/04 21:34:09 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Intelli-studio
[2014/10/31 16:43:52 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\iolo
[2014/10/06 16:37:29 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\langmaster.com
[2013/02/07 19:31:39 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Macromedia
[2013/07/10 11:57:40 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\MAGIX
[2013/12/29 22:01:01 | 000,000,000 | --SD | M] -- C:\Users\Zuzana\AppData\Roaming\Microsoft
[2015/04/05 14:31:38 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Movavi
[2013/03/17 15:37:08 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Mozilla
[2013/04/15 17:34:39 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\MySQL
[2013/02/19 04:36:23 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\OpenOffice.org
[2013/09/28 20:51:55 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Origin
[2013/03/17 14:52:35 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\PDAppFlex
[2015/01/13 14:49:42 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Promethean
[2013/09/28 20:54:43 | 000,000,000 | RH-D | M] -- C:\Users\Zuzana\AppData\Roaming\SecuROM
[2015/08/10 22:33:57 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Seznam.cz
[2013/06/07 23:45:09 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\SolidDocuments
[2013/02/07 19:37:15 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Sony Corporation
[2013/03/17 14:53:39 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/07/04 18:37:36 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\TOPSPIN Solutions, s.r.o
[2014/04/10 19:16:38 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\TuneUp Software
[2015/08/24 00:10:27 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\vlc
[2013/02/08 18:26:52 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\WildTangent
[2014/11/20 19:10:11 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\XMind

< %APPDATA%\*.exe /s >
[2014/03/19 14:17:02 | 032,667,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\Zuzana\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014/03/19 14:18:14 | 000,244,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Zuzana\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014/03/19 14:17:06 | 000,143,616 | ---- | M] (Dropbox, Inc.) -- C:\Users\Zuzana\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013/07/14 18:41:23 | 017,835,080 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Intelli-studio\iUpdate.exe
[2015/04/16 12:27:55 | 000,054,432 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Zuzana\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012/09/13 16:24:48 | 001,009,288 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Seznam.cz\szninstall.exe
[2013/02/13 17:16:08 | 000,942,080 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe
[2013/02/04 16:53:30 | 000,055,808 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2013/01/22 15:55:12 | 000,456,696 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013/01/22 15:54:46 | 000,092,152 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013/02/08 18:27:06 | 000,000,174 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-sony.exe_filedata
[2012/11/29 03:52:32 | 000,572,064 | ---- | M] (WildTangent, Inc.) -- C:\Users\Zuzana\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe

LolaBe · #23 Příspěvek od **LolaBe** » 28 srp 2015 21:22

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015/08/27 13:22:20 | 000,000,018 | ---- | M] () -- C:\WINDOWS\system32\log.txt
[2015/08/27 13:20:35 | 000,008,192 | ---- | M] () -- C:\WINDOWS\system32\WDPABKP.dat

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Speech Recognition" = "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup -- [2014/10/29 04:33:56 | 000,044,032 | ---- | M] (Microsoft Corporation)
"OneDrive" = "C:\Users\Zuzana\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background -- [2015/08/20 15:52:17 | 000,404,064 | ---- | M] (Microsoft Corporation)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2015/07/17 20:33:20 | 008,418,584 | ---- | M] (Piriform Ltd)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015/08/28 20:06:37 | 000,000,512 | ---- | M] () MD5=2F96B9E4C7A229B03CC17408604C6DB2 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008/09/08 22:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch
[2015/08/09 19:54:52 | 001,159,409 | R--- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015\Support Files\Presets\Image - Special Effects\Cracked Tiles.ffx
[2015/05/26 01:37:06 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\de_DE\VSTPlugins\DeCrackler1.dll
[2015/05/26 01:37:06 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\de_DE\VSTPlugins\DeCrackler2.dll
[2015/05/26 01:37:06 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\de_DE\VSTPlugins\DeCrackler6.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\en_US\VSTPlugins\DeCrackler1.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\en_US\VSTPlugins\DeCrackler2.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\en_US\VSTPlugins\DeCrackler6.dll
[2015/05/26 01:37:06 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\es_ES\VSTPlugins\DeCrackler1.dll
[2015/05/26 01:37:06 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\es_ES\VSTPlugins\DeCrackler2.dll
[2015/05/26 01:37:06 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\es_ES\VSTPlugins\DeCrackler6.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\fr_FR\VSTPlugins\DeCrackler1.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\fr_FR\VSTPlugins\DeCrackler2.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\fr_FR\VSTPlugins\DeCrackler6.dll
[2015/05/26 01:37:06 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\it_IT\VSTPlugins\DeCrackler1.dll
[2015/05/26 01:37:06 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\it_IT\VSTPlugins\DeCrackler2.dll
[2015/05/26 01:37:06 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\it_IT\VSTPlugins\DeCrackler6.dll
[2015/05/26 01:37:06 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\ja_JP\VSTPlugins\DeCrackler1.dll
[2015/05/26 01:37:06 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\ja_JP\VSTPlugins\DeCrackler2.dll
[2015/05/26 01:37:06 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\ja_JP\VSTPlugins\DeCrackler6.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\ko_KR\VSTPlugins\DeCrackler1.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\ko_KR\VSTPlugins\DeCrackler2.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\ko_KR\VSTPlugins\DeCrackler6.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\pt_BR\VSTPlugins\DeCrackler1.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\pt_BR\VSTPlugins\DeCrackler2.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\pt_BR\VSTPlugins\DeCrackler6.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\ru_RU\VSTPlugins\DeCrackler1.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\ru_RU\VSTPlugins\DeCrackler2.dll
[2015/05/26 01:37:06 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\ru_RU\VSTPlugins\DeCrackler6.dll
[2015/05/26 01:37:08 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\zh_CN\VSTPlugins\DeCrackler1.dll
[2015/05/26 01:37:08 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\zh_CN\VSTPlugins\DeCrackler2.dll
[2015/05/26 01:37:08 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\Plug-ins\zh_CN\VSTPlugins\DeCrackler6.dll
[2015/06/03 23:00:38 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\de_DE\VSTPlugins\DeCrackler1.dll
[2015/06/03 23:00:38 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\de_DE\VSTPlugins\DeCrackler2.dll
[2015/06/03 23:00:38 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\de_DE\VSTPlugins\DeCrackler6.dll
[2015/06/03 23:00:38 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\en_US\VSTPlugins\DeCrackler1.dll
[2015/06/03 23:00:38 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\en_US\VSTPlugins\DeCrackler2.dll
[2015/06/03 23:00:38 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\en_US\VSTPlugins\DeCrackler6.dll
[2015/06/03 23:00:40 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\es_ES\VSTPlugins\DeCrackler1.dll
[2015/06/03 23:00:40 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\es_ES\VSTPlugins\DeCrackler2.dll
[2015/06/03 23:00:40 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\es_ES\VSTPlugins\DeCrackler6.dll
[2015/06/03 23:00:40 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\fr_FR\VSTPlugins\DeCrackler1.dll
[2015/06/03 23:00:40 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\fr_FR\VSTPlugins\DeCrackler2.dll
[2015/06/03 23:00:40 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\fr_FR\VSTPlugins\DeCrackler6.dll
[2015/06/03 23:00:42 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\it_IT\VSTPlugins\DeCrackler1.dll
[2015/06/03 23:00:42 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\it_IT\VSTPlugins\DeCrackler2.dll
[2015/06/03 23:00:42 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\it_IT\VSTPlugins\DeCrackler6.dll
[2015/06/03 23:00:42 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\ja_JP\VSTPlugins\DeCrackler1.dll
[2015/06/03 23:00:42 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\ja_JP\VSTPlugins\DeCrackler2.dll
[2015/06/03 23:00:42 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\ja_JP\VSTPlugins\DeCrackler6.dll
[2015/06/03 23:00:44 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\ko_KR\VSTPlugins\DeCrackler1.dll
[2015/06/03 23:00:44 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\ko_KR\VSTPlugins\DeCrackler2.dll
[2015/06/03 23:00:44 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\ko_KR\VSTPlugins\DeCrackler6.dll
[2015/06/03 23:00:44 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\pt_BR\VSTPlugins\DeCrackler1.dll
[2015/06/03 23:00:46 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\pt_BR\VSTPlugins\DeCrackler2.dll
[2015/06/03 23:00:46 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\pt_BR\VSTPlugins\DeCrackler6.dll
[2015/06/03 23:00:46 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\ru_RU\VSTPlugins\DeCrackler1.dll
[2015/06/03 23:00:46 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\ru_RU\VSTPlugins\DeCrackler2.dll
[2015/06/03 23:00:46 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\ru_RU\VSTPlugins\DeCrackler6.dll
[2015/06/03 23:00:48 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\zh_CN\VSTPlugins\DeCrackler1.dll
[2015/06/03 23:00:48 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\zh_CN\VSTPlugins\DeCrackler2.dll
[2015/06/03 23:00:48 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\Plug-ins\zh_CN\VSTPlugins\DeCrackler6.dll
[2012/07/19 01:00:01 | 005,741,299 | ---- | M] () -- \Users\Zuzana\Music\HUDBA\VA - Dancefloor Summer Hits 2012\27. Cracks - Norman Doray Feat. Andreas Moe.mp3

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2015/07/10 06:37:13 | 000,202,944 | ---- | M] () -- \$Windows.~BT\Sources\upgloader.dll
[2 \$Windows.~BT\Sources\*.tmp files -> \$Windows.~BT\Sources\*.tmp -> ]
[2015/07/10 07:30:03 | 000,022,528 | ---- | M] () -- \$Windows.~BT\Sources\en-us\upgloader.dll.mui
[2015/07/10 11:05:35 | 000,012,128 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/07/10 11:05:35 | 000,011,616 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2015/07/10 11:05:34 | 000,011,104 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2015/07/10 11:05:32 | 000,012,128 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/07/10 11:05:32 | 000,011,616 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2015/07/10 11:05:31 | 000,011,104 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2015/07/10 11:05:35 | 000,012,128 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_10.0.10240.16384_none_cf654c5f1bc7987f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/07/10 11:05:35 | 000,011,616 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_10.0.10240.16384_none_cf654c5f1bc7987f\api-ms-win-core-libraryloader-l1-1-1.dll
[2015/07/10 11:05:34 | 000,011,104 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_10.0.10240.16384_none_cf654c5f1bc7987f\api-ms-win-core-stringloader-l1-1-1.dll
[2015/07/10 13:04:42 | 000,000,466 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_10.0.10240.16384_en-us_7e992bb47eb12117.manifest
[2015/07/10 13:04:42 | 000,031,072 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_10.0.10240.16384_en-us_7e992bb47eb12117_winload.efi.mui_35ee487d
[2015/07/10 13:04:42 | 000,031,072 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_10.0.10240.16384_en-us_7e992bb47eb12117_winload.exe.mui_3bc5b827
[2015/07/10 13:04:42 | 000,020,320 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_10.0.10240.16384_en-us_7e992bb47eb12117_winresume.efi.mui_f412814e
[2015/07/10 13:04:42 | 000,020,320 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_10.0.10240.16384_en-us_7e992bb47eb12117_winresume.exe.mui_ff8b5358
[2015/07/10 12:31:11 | 000,000,554 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.10240.16384_none_63272be107542aec.manifest
[2015/07/10 12:31:11 | 001,294,352 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.10240.16384_none_63272be107542aec_winload.efi_75834aa0
[2015/07/10 12:31:11 | 001,123,400 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.10240.16384_none_63272be107542aec_winload.exe_75835076
[2015/07/10 12:31:11 | 001,019,592 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.10240.16384_none_63272be107542aec_winresume.efi_85cd069f
[2015/07/10 12:31:11 | 000,858,408 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.10240.16384_none_63272be107542aec_winresume.exe_85cd1215
[2015/07/10 12:31:10 | 000,000,616 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2015/07/10 13:04:22 | 000,000,466 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_10.0.10240.16384_en-us_7e992bb47eb12117.manifest
[2015/07/10 12:30:33 | 000,000,554 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.10240.16384_none_63272be107542aec.manifest
[2015/07/10 11:05:32 | 000,012,128 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_10.0.10240.16384_none_7346b0db636a2749\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/07/10 11:05:32 | 000,011,616 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_10.0.10240.16384_none_7346b0db636a2749\api-ms-win-core-libraryloader-l1-1-1.dll
[2015/07/10 11:05:31 | 000,011,104 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_10.0.10240.16384_none_7346b0db636a2749\api-ms-win-core-stringloader-l1-1-1.dll
[2013/02/06 15:38:20 | 000,062,414 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Edge Animate\edgeApp\document_server\images\%preloader_pattern.png
[2013/02/06 15:38:20 | 000,008,119 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Edge Animate\edgeApp\document_server\images\loader-3d-snake.gif
[2013/02/06 15:38:20 | 000,010,819 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Edge Animate\edgeApp\document_server\images\loader-bar.gif
[2013/02/06 15:38:20 | 000,003,992 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Edge Animate\edgeApp\document_server\images\loader-drop.gif
[2013/02/06 15:38:20 | 000,000,743 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Edge Animate\edgeApp\document_server\images\loader-wheel.gif
[2013/02/06 15:38:20 | 000,004,412 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Edge Animate\edgeApp\document_server\images\preloader1.gif
[2013/02/06 15:38:20 | 000,001,392 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Edge Animate\edgeApp\document_server\images\preloader2.gif
[2013/02/06 15:38:20 | 000,009,629 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Edge Animate\edgeApp\document_server\images\preloader3.gif
[2013/02/06 15:38:20 | 000,028,557 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Edge Animate\edgeApp\document_server\images\preloader4.gif
[2013/02/06 15:38:20 | 000,004,640 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Edge Animate\edgeApp\document_server\images\preloader5.gif
[2013/02/06 15:38:20 | 000,003,020 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Edge Animate\edgeApp\document_server\images\preloader_pattern.png
[2012/02/28 08:35:18 | 000,292,504 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS6\Plug-ins\File Formats\AdobePSDXLoader.8BI
[2012/02/08 01:37:14 | 000,008,192 | ---- | M] () -- \Program Files (x86)\AzwSoft\Adobe PDF DRM Removal\_win32sysloader.pyd
[2012/09/13 17:57:48 | 000,011,783 | ---- | M] () -- \Program Files (x86)\CoffeeCup Software\Web Form Builder Lite\library\server-scripts\cartapp\phphosted\databaseloader.cls.php
[2015/05/15 16:27:10 | 000,060,712 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\YSLoader.exe
[2015/04/04 20:19:15 | 000,000,629 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
[2015/04/04 20:19:15 | 000,000,615 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
[2015/04/04 20:19:15 | 000,002,796 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVideoSoft\plugins\youtube_mp3_downloader_32_32.png
[2015/04/04 20:19:15 | 000,002,641 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVideoSoft\plugins\youtube_video_downloader_32_32.png
[2012/07/27 16:40:40 | 000,060,528 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PK\Koan\pyloader.dll
[2012/07/27 16:40:42 | 000,023,871 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PK\subsys\PyImpLoader\PyImpLoader.kc
[2012/07/27 16:40:42 | 000,109,680 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2010/09/15 17:40:18 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2010/09/15 17:40:20 | 000,003,567 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cox\widget\langloader.kc
[2010/09/15 17:40:20 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cox\widget\layoutloader.kc
[2015/03/24 20:42:08 | 003,213,992 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe
[2015/03/24 20:40:46 | 000,701,952 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.pdb
[2015/02/27 16:05:26 | 000,000,936 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.xml
[2015/02/02 14:29:56 | 000,004,856 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfile.xml
[2015/02/02 14:29:56 | 000,006,610 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfileD.xml
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\da-DK\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\de-DE\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,036,864 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\el-GR\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\es-ES\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,013,824 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\fi-FI\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\fr-FR\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\hu-HU\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\it-IT\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\ja-JP\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\nl-NL\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\pl-PL\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\pt-BR\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\pt-PT\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,036,864 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\ru-RU\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\sk-SK\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\sl-SI\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\sv-SE\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\tr-TR\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\vi-VN\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\zh-CN\FreeYTVDownloader.resources.dll
[2015/03/24 20:40:36 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Download\zh-TW\FreeYTVDownloader.resources.dll
[2015/03/24 20:42:18 | 000,082,088 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube to DVD Converter\DVDVideoSoft.DownloaderYT2DvdAppExt.dll
[2015/03/24 21:15:36 | 002,567,336 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube Uploader\FreeYouTubeUploader.exe
[2012/10/27 16:21:08 | 000,008,192 | ---- | M] () -- \Program Files (x86)\Epubor\AdobeDRMRemoval\_win32sysloader.pyd
[2010/02/07 23:30:56 | 000,025,294 | ---- | M] () -- \Program Files (x86)\Klavaro-2.00c\bin\gdk-pixbuf-query-loaders.exe
[2010/02/07 23:40:02 | 000,000,543 | ---- | M] () -- \Program Files (x86)\Klavaro-2.00c\etc\gtk-2.0\gdk-pixbuf.loaders
[2012/08/13 12:52:58 | 000,006,081 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2012/08/10 18:50:58 | 000,020,992 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2012/08/13 13:04:18 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012/08/10 18:50:54 | 000,029,696 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2012/08/13 12:12:36 | 000,003,868 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2013/01/21 16:05:16 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2015/04/01 13:41:14 | 000,000,946 | ---- | M] () -- \Program Files (x86)\Shotcut\share\mlt\core\loader.dict
[2015/04/01 13:41:14 | 000,000,634 | ---- | M] () -- \Program Files (x86)\Shotcut\share\mlt\core\loader.ini
[2015/04/01 13:41:14 | 000,000,770 | ---- | M] () -- \Program Files (x86)\Shotcut\share\mlt\core\producer_loader.yml
[2012/07/27 16:04:38 | 000,370,784 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\PMBDownloader.exe
[2012/07/27 16:02:56 | 000,000,012 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\PMBDownloader.ver
[2012/07/27 16:02:56 | 000,000,012 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\PMBServiceUploader.ver
[2012/07/27 16:07:30 | 004,026,464 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\ServiceUploader.dll
[2012/07/27 16:04:40 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\de-DE\PMBDownloaderLOC.dll
[2012/03/13 18:42:36 | 000,037,375 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\de-DE\ServiceUploaderStrings.xml
[2012/07/27 16:04:40 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\en-US\PMBDownloaderLOC.dll
[2012/04/18 18:45:28 | 000,034,069 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\en-US\ServiceUploaderStrings.xml
[2012/07/27 16:04:42 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\es-ES\PMBDownloaderLOC.dll
[2012/03/13 18:42:36 | 000,037,748 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\es-ES\ServiceUploaderStrings.xml
[2012/07/27 16:04:42 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\fr-FR\PMBDownloaderLOC.dll
[2012/03/13 18:42:36 | 000,038,017 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\fr-FR\ServiceUploaderStrings.xml
[2012/07/27 16:04:44 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\it-IT\PMBDownloaderLOC.dll
[2012/04/18 18:03:28 | 000,036,539 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\it-IT\ServiceUploaderStrings.xml
[2012/07/27 16:04:38 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\ja-JP\PMBDownloaderLOC.dll
[2012/04/18 18:45:28 | 000,040,190 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\ja-JP\ServiceUploaderStrings.xml
[2012/07/27 16:04:44 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\ko-KR\PMBDownloaderLOC.dll
[2012/04/18 18:45:28 | 000,037,691 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\ko-KR\ServiceUploaderStrings.xml
[2012/07/27 16:04:46 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\nl-NL\PMBDownloaderLOC.dll
[2012/03/13 18:42:36 | 000,035,795 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\nl-NL\ServiceUploaderStrings.xml
[2012/07/27 16:04:50 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\pl-PL\PMBDownloaderLOC.dll
[2012/03/13 18:42:36 | 000,036,670 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\pl-PL\ServiceUploaderStrings.xml
[2012/07/27 16:04:46 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\pt-BR\PMBDownloaderLOC.dll
[2012/03/13 18:42:36 | 000,037,352 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\pt-BR\ServiceUploaderStrings.xml
[2012/07/27 16:04:46 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\ru-RU\PMBDownloaderLOC.dll
[2012/03/13 18:42:36 | 000,048,492 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\ru-RU\ServiceUploaderStrings.xml
[2012/07/27 16:04:48 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\sv-SE\PMBDownloaderLOC.dll
[2012/03/13 18:42:36 | 000,035,348 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\sv-SE\ServiceUploaderStrings.xml
[2012/07/27 16:04:48 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\zh-CN\PMBDownloaderLOC.dll
[2012/04/18 18:45:28 | 000,033,140 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\zh-CN\ServiceUploaderStrings.xml
[2012/07/27 16:04:50 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\zh-TW\PMBDownloaderLOC.dll
[2012/04/18 18:45:28 | 000,033,193 | ---- | M] () -- \Program Files (x86)\Sony\PlayMemories Home\Resources\zh-TW\ServiceUploaderStrings.xml
[2015/01/19 18:19:48 | 002,656,768 | ---- | M] () -- \Program Files (x86)\Totally Rad\tr_bin\downloader.exe
[2012/07/20 09:32:39 | 000,001,012 | ---- | M] () -- \Program Files (x86)\WildGames\onplay\downloader_bg_400.gif
[2012/05/21 23:56:04 | 000,002,196 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2012/07/19 01:18:28 | 000,000,598 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\EULA\images\downloader_bg_400.gif
[2012/05/21 23:56:04 | 000,009,085 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010/11/03 23:17:00 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2009/07/09 00:54:24 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Yawcam\img\ajax-loader.gif
[2015/05/26 03:33:24 | 000,099,328 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015\Support Files\MXF_SDK_MetaMetadata_BinaryLoader_4.4.40_vs10.dll
[2015/05/26 03:33:24 | 000,196,608 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015\Support Files\MXF_SDK_MetaMetadata_XSDLoader2_4.4.40_vs10.dll
[2015/05/26 03:33:24 | 000,148,480 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015\Support Files\MXF_SDK_MetaMetadata_XSDLoader_4.4.40_vs10.dll
[2015/05/25 20:34:10 | 000,016,691 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\teamrender\webserver\libs\jinja2\loaders.py
[2015/05/25 20:34:10 | 000,006,991 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\teamrender\webserver\libs\jinja2\testsuite\loader.py
[2015/07/21 17:33:46 | 000,105,648 | ---- | M] () -- \Program Files\Adobe\Adobe Lightroom\Helpers\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.33_vs10.dll
[2015/07/21 17:33:46 | 000,202,928 | ---- | M] () -- \Program Files\Adobe\Adobe Lightroom\Helpers\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.33_vs10.dll
[2015/07/21 17:33:46 | 000,154,800 | ---- | M] () -- \Program Files\Adobe\Adobe Lightroom\Helpers\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.33_vs10.dll
[2015/05/25 21:18:52 | 000,099,328 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\MXF_SDK_MetaMetadata_BinaryLoader_4.4.40_vs10.dll
[2015/05/25 21:18:52 | 000,196,608 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\MXF_SDK_MetaMetadata_XSDLoader2_4.4.40_vs10.dll
[2015/05/25 21:18:52 | 000,148,480 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\MXF_SDK_MetaMetadata_XSDLoader_4.4.40_vs10.dll
[2012/02/28 08:35:18 | 000,292,504 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2015\Plug-ins\File Formats\AdobePSDXLoader.8BI
[2015/05/11 10:34:24 | 000,000,251 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\extensions\com.adobe.preview\PSLoader\loader.html
[2015/07/22 03:48:50 | 000,105,680 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2015\Required\DynamicLinkMediaServer\MXF_SDK_MetaMetadata_BinaryLoader_4.4.33_vs10.dll
[2015/07/22 03:48:50 | 000,202,960 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2015\Required\DynamicLinkMediaServer\MXF_SDK_MetaMetadata_XSDLoader2_4.4.33_vs10.dll
[2015/07/22 03:48:50 | 000,154,832 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2015\Required\DynamicLinkMediaServer\MXF_SDK_MetaMetadata_XSDLoader_4.4.33_vs10.dll
[2012/02/28 08:35:18 | 000,302,744 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Plug-ins\File Formats\AdobePSDXLoader.8BI
[2015/06/03 23:02:30 | 000,099,328 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\MXF_SDK_MetaMetadata_BinaryLoader_4.4.40_vs10.dll
[2015/06/03 23:02:30 | 000,196,608 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\MXF_SDK_MetaMetadata_XSDLoader2_4.4.40_vs10.dll
[2015/06/03 23:02:30 | 000,148,480 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\MXF_SDK_MetaMetadata_XSDLoader_4.4.40_vs10.dll
[2015/08/03 21:00:54 | 000,072,440 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2015/08/03 21:00:54 | 000,085,336 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2015/05/15 16:26:48 | 000,077,096 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\YSLoader.exe
[2015/02/04 17:29:52 | 000,134,456 | ---- | M] () -- \Program Files\Sony\VAIO Care\Seagate\LoaderATA.xss
[2015/02/04 17:29:52 | 000,112,520 | ---- | M] () -- \Program Files\Sony\VAIO Care\Seagate\LoaderSCSI.xss
[2015/02/04 17:29:52 | 000,117,352 | ---- | M] () -- \Program Files\Sony\VAIO Care\Seagate\LoaderUSB.xss
[2012/08/09 11:06:58 | 000,486,056 | ---- | M] () -- \Program Files\Sony\VAIO Improvement\viuploader.exe
[2013/12/30 21:50:19 | 000,083,544 | ---- | M] () -- \Program Files\WindowsApps\BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag\Sony.VAIO.VAIOImprovement.Uploader.winmd
[2013/12/29 18:13:37 | 000,009,380 | ---- | M] () -- \Program Files\WindowsApps\BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag\js\IO\backgroundMessageLoader.js
[2013/12/29 18:13:37 | 000,002,367 | ---- | M] () -- \Program Files\WindowsApps\BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag\js\IO\customDataLoader.js
[2014/04/01 22:27:52 | 000,046,831 | ---- | M] () -- \Program Files\WindowsApps\BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag\js\IO\messageLoader.js
[2014/04/01 22:27:52 | 000,026,393 | ---- | M] () -- \Program Files\WindowsApps\BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag\js\IO\messageLoader_SAX.js
[2014/04/01 22:27:52 | 000,017,920 | ---- | M] () -- \Program Files\WindowsApps\BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag\js\IO\preinstallMessageLoader.js
[2014/02/18 16:49:51 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2014/03/12 13:29:11 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/03/12 13:29:11 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2013/12/30 21:36:34 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2013/12/30 21:36:34 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2013/12/30 21:36:58 | 000,001,181 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe\LoaderPage.xbf
[2013/12/30 21:37:01 | 000,006,129 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderControl.xbf
[2013/12/30 21:37:33 | 000,001,290 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\ApplicationLoader.xbf
[2014/03/12 13:29:11 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/03/12 13:29:11 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2013/12/30 21:36:34 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2013/12/30 21:36:34 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2013/12/30 21:37:56 | 000,004,686 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderControl.xbf
[2014/03/12 13:29:11 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/03/12 13:29:11 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2013/12/30 21:36:34 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2013/12/30 21:36:34 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/05/15 13:58:38 | 000,011,287 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Controls\PreloaderPage.xbf
[2014/05/15 13:58:38 | 000,001,262 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Pages\LoaderPage.xbf
[2013/11/14 09:17:19 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013/11/14 09:17:19 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013/11/14 09:17:19 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013/11/14 09:19:01 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2015/07/30 01:35:06 | 000,000,096 | ---- | M] () -- \ProgramData\Sony Corporation\VAIO Care\VCLoader.exe_ProcessId_4372.txt
[2012/08/21 03:46:05 | 000,027,264 | ---- | M] () -- \ProgramData\Sony Corporation\VAIO Partners\McAfee\SelfProtect\Win32\aploader.exe
[2012/08/21 03:46:11 | 000,027,824 | ---- | M] () -- \ProgramData\Sony Corporation\VAIO Partners\McAfee\SelfProtect\Win64\aploader.exe
[2015/07/30 01:35:06 | 000,000,096 | ---- | M] () -- \Users\All Users\Sony Corporation\VAIO Care\VCLoader.exe_ProcessId_4372.txt
[2012/08/21 03:46:05 | 000,027,264 | ---- | M] () -- \Users\All Users\Sony Corporation\VAIO Partners\McAfee\SelfProtect\Win32\aploader.exe
[2012/08/21 03:46:11 | 000,027,824 | ---- | M] () -- \Users\All Users\Sony Corporation\VAIO Partners\McAfee\SelfProtect\Win64\aploader.exe
[2012/09/13 15:45:58 | 000,058,424 | ---- | M] () -- \Users\Guest\AppData\Roaming\Seznam.cz\bin\libfoxloader.dll
[2012/08/07 14:39:12 | 000,000,165 | ---- | M] () -- \Users\Guest\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2012/08/13 19:05:28 | 000,000,235 | ---- | M] () -- \Users\Guest\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_0_0.install.bat
[2012/08/13 19:05:26 | 000,000,130 | ---- | M] () -- \Users\Guest\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_0_0.uninstall.bat
[2014/10/09 17:10:17 | 000,000,786 | ---- | M] () -- \Users\Zuzana\AppData\Roaming\Apple Computer\Logs\CrashReporter\MobileDevice\Ulrika - iPad\DiagnosticLogs\LanguageAssetLoader\LanguageAssetLoader_2014_09_26_14_51_410200.log
[2012/12/07 15:50:02 | 000,009,142 | ---- | M] () -- \Users\Zuzana\AppData\Roaming\DVDVideoSoft\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2014/01/24 16:13:52 | 003,584,044 | ---- | M] () -- \Users\Zuzana\AppData\Roaming\DVDVideoSoft\logs\FreeYTVDownloader.log
[2013/04/26 14:04:48 | 000,134,197 | ---- | M] () -- \Users\Zuzana\AppData\Roaming\DVDVideoSoft\logs\FreeYTVDownloader_install.txt
[2014/01/24 15:37:26 | 000,120,489 | ---- | M] () -- \Users\Zuzana\AppData\Roaming\DVDVideoSoft\logs\YTVDownloader_extra1.log
[2012/09/13 16:45:58 | 000,058,424 | ---- | M] () -- \Users\Zuzana\AppData\Roaming\Seznam.cz\bin\libfoxloader.dll
[2012/08/07 15:39:12 | 000,000,165 | ---- | M] () -- \Users\Zuzana\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013/01/21 16:05:16 | 000,030,608 | ---- | M] () -- \Users\Zuzana\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2012/08/13 20:05:28 | 000,000,235 | ---- | M] () -- \Users\Zuzana\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_0_0.install.bat
[2012/08/13 20:05:26 | 000,000,130 | ---- | M] () -- \Users\Zuzana\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_0_0.uninstall.bat
[2011/12/12 03:03:14 | 003,310,009 | ---- | M] () -- \Users\Zuzana\Music\HUDBA\Freeloader---Dave-Darell-(Original-Mix).mp3
[2011/12/12 03:03:14 | 003,310,009 | ---- | M] () -- \Users\Zuzana\Music\HUDBA\Hudba\Freeloader---Dave-Darell-(Original-Mix).mp3
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2014/10/29 03:51:40 | 000,041,472 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2014/10/29 03:51:40 | 000,041,472 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2014/05/03 17:52:16 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2014/05/03 17:52:15 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2014/05/03 17:52:22 | 000,598,463 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.efi
[2014/05/03 17:52:21 | 000,542,292 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.exe
[2014/03/04 14:26:22 | 001,390,936 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.efi
[2014/03/04 14:26:22 | 001,263,960 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.exe
[2015/05/12 02:24:45 | 001,390,936 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17826_none_2152863e3949e497\hvloader.efi
[2015/05/12 02:24:45 | 001,264,472 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17826_none_2152863e3949e497\hvloader.exe
[2015/04/08 16:32:17 | 000,010,089 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2014/10/29 04:34:00 | 000,050,688 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.17415_none_36ff16d863604256\dmloader.dll
[2013/08/22 15:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 13:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 13:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 13:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 13:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 13:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 13:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2014/04/30 23:13:01 | 000,000,462 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759.manifest
[2014/05/04 06:49:52 | 000,009,321 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winload.efi.mui_35ee487d
[2014/05/04 06:49:52 | 000,009,332 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winload.exe.mui_3bc5b827
[2014/05/04 06:49:52 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winresume.efi.mui_f412814e
[2014/05/04 06:49:52 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winresume.exe.mui_ff8b5358
[2014/09/15 16:18:20 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2014/09/19 12:46:06 | 000,724,249 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.efi_75834aa0
[2014/09/19 12:46:08 | 000,660,625 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.exe_75835076
[2014/09/19 12:46:09 | 000,646,411 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.efi_85cd069f
[2014/09/19 12:46:11 | 000,587,303 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.exe_85cd1215
[2015/06/09 22:32:31 | 000,000,616 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2013/08/22 17:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013/11/14 09:13:50 | 000,000,459 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7.manifest
[2014/04/22 18:23:26 | 000,000,462 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759.manifest
[2013/08/22 17:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2013/11/14 09:24:56 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2013/11/14 09:31:40 | 000,000,546 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3.manifest
[2013/12/30 04:30:13 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2014/04/22 18:23:28 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2014/09/15 14:26:05 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2015/04/08 20:12:36 | 000,008,359 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2014/10/29 03:51:40 | 000,041,472 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.17415_none_dae07b54ab02d120\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll

< *minodlogin* /s >

< *tnod* /s >
[2014/10/11 13:06:08 | 000,001,655 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\WebInspectorUI\Images\DOMTextNode.svg
[2015/01/20 23:35:30 | 000,001,655 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\WebInspectorUI\Images\DOMTextNode.svg

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2015/07/10 12:30:50 | 000,001,044 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\INF\c_multiportserial.inf
[2015/07/10 12:30:51 | 000,083,968 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\serial.sys
[2015/07/10 13:04:31 | 000,011,264 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\en-US\serial.sys.mui
[2015/07/10 13:04:31 | 000,000,232 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2015/07/10 12:30:50 | 000,001,044 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_a49babe23762043b\c_multiportserial.inf
[2015/07/10 12:30:51 | 000,083,968 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\msports.inf_amd64_db43c0c39a11ad06\serial.sys
[2015/07/10 13:04:31 | 000,000,232 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_10.0.10240.16384_en-us_4d2cfd8a49f9991b\c_multiportserial.inf_loc
[2015/07/10 12:30:50 | 000,001,044 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_10.0.10240.16384_none_a8f31ba444fa032f\c_multiportserial.inf
[2015/07/10 13:04:31 | 000,011,264 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_10.0.10240.16384_en-us_100cdf90cde40b27\serial.sys.mui
[2015/07/10 12:30:51 | 000,083,968 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_10.0.10240.16384_none_00982260530b8ed7\serial.sys
[2015/07/10 13:04:12 | 000,000,280 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_10.0.10240.16384_en-us_1d9bcaf52f836572.manifest
[2015/07/10 13:04:18 | 000,000,249 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_10.0.10240.16384_en-us_4d2cfd8a49f9991b.manifest
[2015/07/10 12:30:26 | 000,000,209 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_10.0.10240.16384_none_a8f31ba444fa032f.manifest
[2015/07/10 12:30:41 | 000,000,297 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_10.0.10240.16384_none_19b5fecd475839b9.manifest
[2015/07/10 12:30:31 | 000,001,501 | ---- | M] () -- \$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_10.0.10240.16384_none_3e1523def3e0d790.manifest
[2003/10/09 07:11:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Sytrus\Artwork\DelSerialCache.bmp
[2012/06/25 15:47:25 | 000,630,784 | ---- | M] () -- \Program Files (x86)\Intel\IntelAppStore\bin\serializer.dll
[2015/07/28 01:47:54 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.40728.0\System.Runtime.Serialization.dll
[2015/08/12 11:06:44 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.40728.0\System.Runtime.Serialization.ni.dll
[2014/07/09 03:45:06 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2015/07/21 04:51:34 | 000,772,824 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015\Support Files\boost_serialization.dll
[2015/05/25 20:34:04 | 000,000,192 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\licenseserver\description\Sserial.h
[2015/05/25 20:34:04 | 000,000,253 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\licenseserver\description\Sserial.res
[2015/05/25 20:34:04 | 000,003,466 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\licenseserver\dialogs\IDC_SERIALSERVERMANAGER.res
[2015/05/25 20:34:04 | 000,000,198 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\licenseserver\strings_us\description\Sserial.str
[2015/05/25 20:34:04 | 000,001,146 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\licenseserver\strings_us\dialogs\IDC_SERIALSERVERMANAGER.str
[2015/05/24 17:10:28 | 000,009,839 | ---- | M] () -- \Program Files\Adobe\Adobe Character Animator (Preview)\Support Files\Runtime\shared\adobe\apd\nml\src\build\serialize.js
[2015/07/23 15:57:50 | 000,773,336 | ---- | M] () -- \Program Files\Adobe\Adobe Illustrator CC 2015\Support Files\Contents\Windows\boost_serialization.dll
[2015/07/19 01:44:40 | 000,773,336 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2015\boost_serialization.dll
[2015/05/18 18:43:18 | 000,003,214 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\extensions\com.adobe.webpa.crema\node_modules\jquery\src\serialize.js
[2015/07/20 05:27:36 | 000,773,328 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2015\boost_serialization.dll
[2015/05/18 18:43:20 | 000,001,562 | ---- | M] () -- \Program Files\Common Files\Adobe\Plug-Ins\CC\Generator\crema.generate\node_modules\cookie\test\serialize.js
[2015/07/28 02:14:44 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.40728.0\System.Runtime.Serialization.dll
[2015/08/12 11:07:22 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.40728.0\System.Runtime.Serialization.ni.dll
[2014/07/09 03:45:33 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/10/13 06:49:15 | 000,000,000 | ---- | M] () -- \Users\Zuzana\AppData\LocalLow\boost_interprocess\DDM0serviceCmdSerializeLock
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/09 03:45:06 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2015/08/12 17:23:27 | 002,803,200 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\78d0c41c620debaa923cfc196824adc1\System.Runtime.Serialization.ni.dll
[2015/08/12 17:23:27 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\78d0c41c620debaa923cfc196824adc1\System.Runtime.Serialization.ni.dll.aux
[2015/08/12 17:28:50 | 003,529,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\60fc66a724cb5cf5b8d206c19fb9dbe5\System.Runtime.Serialization.ni.dll
[2015/08/12 17:28:50 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\60fc66a724cb5cf5b8d206c19fb9dbe5\System.Runtime.Serialization.ni.dll.aux
[2015/01/24 18:24:23 | 002,803,200 | ---- | M] () -- \Windows\assembly\temp\6MTZYH69ZU\System.Runtime.Serialization.ni.dll
[2015/01/24 18:24:22 | 000,000,980 | ---- | M] () -- \Windows\assembly\temp\6MTZYH69ZU\System.Runtime.Serialization.ni.dll.aux
[2015/01/24 18:18:20 | 003,529,216 | ---- | M] () -- \Windows\assembly\temp\6S12PRUK1B\System.Runtime.Serialization.ni.dll
[2015/01/24 18:18:19 | 000,000,980 | ---- | M] () -- \Windows\assembly\temp\6S12PRUK1B\System.Runtime.Serialization.ni.dll.aux
[2013/08/22 17:32:39 | 000,001,032 | ---- | M] () -- \Windows\Inf\c_multiportserial.inf
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014/07/24 05:20:32 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/09 03:45:07 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/24 05:20:32 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2014/06/24 00:12:50 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/09 03:45:34 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/24 05:20:21 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 02:41:27 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:41:27 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 02:41:28 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 02:41:28 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:42:08 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 02:42:08 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/08/22 16:08:06 | 000,008,830 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~en-US~6.3.9600.16384.cat
[2013/08/22 15:36:48 | 000,000,781 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~en-US~6.3.9600.16384.mum
[2013/08/22 14:55:01 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/08/22 08:47:48 | 000,000,511 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.mum
[2014/10/29 03:46:05 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2013/08/22 16:08:06 | 000,008,830 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~en-US~6.3.9600.16384.cat
[2013/08/22 14:55:01 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/11/14 09:14:16 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2013/08/22 08:57:38 | 000,001,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.inf
[2013/12/29 19:42:15 | 000,004,224 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.PNF
[2013/08/22 13:40:08 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_1be60ad3a61e5531\serial.sys
[2013/11/14 09:14:23 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2014/10/29 03:46:05 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2013/11/14 09:14:23 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2013/11/14 09:14:16 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb\c_multiportserial.inf_loc
[2013/08/22 08:57:38 | 000,001,032 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff\c_multiportserial.inf
[2013/11/14 09:14:23 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_en-us_827f8cf89e9c274e\serialui.dll.mui
[2015/04/08 19:24:10 | 000,001,685 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_e5c00198f2a1c32d\serialui.dll
[2014/10/29 04:27:06 | 000,017,920 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.17415_none_e60c9c74f2682fb5\serialui.dll
[2013/11/14 09:14:16 | 000,010,240 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_f8cacded072dc6f7\serial.sys.mui
[2013/08/22 13:40:08 | 000,083,456 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.3.9600.16384_none_e95610bc8c554aa7\serial.sys
[2013/08/10 02:41:27 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_f73c7de0bb1de286\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:41:28 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_64635c6af076b012\System.Runtime.Serialization.Primitives.dll
[2013/08/10 02:41:27 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288\System.Runtime.Serialization.Json.dll
[2013/08/10 02:41:28 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5\System.Runtime.Serialization.Xml.dll
[2014/09/13 09:29:28 | 000,018,929 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba\System.Runtime.Serialization.dll
[2015/01/24 19:04:10 | 000,011,811 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.17187_none_afcf9aa40af92e22\System.Runtime.Serialization.dll
[2014/07/24 05:20:21 | 001,059,536 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.17238_none_afca82460afdc961\System.Runtime.Serialization.dll
[2015/01/24 19:04:12 | 000,012,410 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.20681_none_99027a1e249ff87f\System.Runtime.Serialization.dll
[2014/09/13 09:29:30 | 000,004,122 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.20720_none_98fc8f0624a54725\System.Runtime.Serialization.dll
[2013/08/10 02:42:08 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399\System.Xml.Serialization.dll
[2013/08/10 02:42:08 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c\System.Xml.XmlSerializer.dll
[2014/08/31 19:13:29 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_f057a9271ce694b1\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:12:50 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_f0517be51cec2cbf\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/31 19:13:30 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_d981a48b36959176\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/31 19:15:41 | 000,000,639 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7\System.Runtime.Serialization.dll
[2014/09/13 09:31:01 | 000,000,425 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17226_none_9fc36f5a7c519dd5\System.Runtime.Serialization.dll
[2014/07/09 03:45:34 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17231_none_9fc4e18c7c503707\System.Runtime.Serialization.dll
[2014/08/31 19:15:43 | 000,000,424 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20708_none_88f3980095fb028c\System.Runtime.Serialization.dll
[2014/09/13 09:31:03 | 000,000,619 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20717_none_88f4af1295fa0242\System.Runtime.Serialization.dll
[2014/08/31 19:15:45 | 000,000,639 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060\System.Runtime.Serialization.dll
[2014/09/13 09:31:04 | 000,000,425 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_da9a7c24d049986e\System.Runtime.Serialization.dll
[2014/07/09 03:45:33 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_da9bee56d04831a0\System.Runtime.Serialization.dll
[2014/08/31 19:15:48 | 000,000,424 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_c3caa4cae9f2fd25\System.Runtime.Serialization.dll
[2014/09/13 09:31:06 | 000,000,619 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_c3cbbbdce9f1fcdb\System.Runtime.Serialization.dll
[2013/11/14 09:13:16 | 000,000,281 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.3.9600.16384_en-us_0659b95168cd2142.manifest
[2013/11/14 09:13:29 | 000,000,249 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb.manifest
[2013/08/22 17:20:14 | 000,000,210 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff.manifest
[2013/08/22 15:25:34 | 000,000,297 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.3.9600.16384_none_0273ed2980a1f589.manifest
[2013/08/22 17:22:11 | 000,001,512 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.3.9600.16384_none_26d3123b2d2a9360.manifest
[2013/08/22 17:22:07 | 000,000,110 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.3.9600.16384_none_1d7b32f2da6cfe0c.manifest
[2013/08/22 17:24:27 | 000,000,402 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288.manifest
[2013/08/22 17:24:29 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5.manifest
[2013/08/22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba.manifest
[2015/01/16 19:15:38 | 000,000,521 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.17187_none_afcf9aa40af92e22.manifest
[2014/09/09 20:57:27 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.17238_none_afca82460afdc961.manifest
[2015/01/16 19:15:38 | 000,000,515 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.20681_none_99027a1e249ff87f.manifest
[2014/09/09 20:57:27 | 000,000,413 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.20720_none_98fc8f0624a54725.manifest
[2013/08/22 17:24:28 | 000,000,397 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399.manifest
[2013/08/22 17:24:27 | 000,000,403 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c.manifest
[2013/08/22 17:24:13 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7.manifest
[2014/08/23 00:13:10 | 000,000,404 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17226_none_9fc36f5a7c519dd5.manifest
[2014/09/09 20:56:12 | 000,000,404 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17231_none_9fc4e18c7c503707.manifest
[2014/08/23 00:13:10 | 000,000,407 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20708_none_88f3980095fb028c.manifest
[2014/09/09 20:56:12 | 000,000,406 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20717_none_88f4af1295fa0242.manifest
[2013/08/22 17:24:13 | 000,000,416 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060.manifest
[2014/08/23 00:13:10 | 000,000,413 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_da9a7c24d049986e.manifest
[2014/09/09 20:56:12 | 000,000,412 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_da9bee56d04831a0.manifest
[2014/08/23 00:13:10 | 000,000,415 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_c3caa4cae9f2fd25.manifest
[2014/09/09 20:56:12 | 000,000,414 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_c3cbbbdce9f1fcdb.manifest
[2013/08/22 17:24:29 | 000,000,418 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245.manifest
[2013/08/22 17:24:24 | 000,000,430 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d.manifest
[2013/08/22 17:24:13 | 000,000,400 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1.manifest
[2014/08/23 00:13:10 | 000,000,399 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff.manifest
[2014/09/09 20:56:12 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17231_none_ed2b43c67c46bf31.manifest
[2014/08/23 00:13:10 | 000,000,399 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6.manifest
[2014/09/09 20:56:12 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20717_none_d65b114c95f08a6c.manifest
[2013/11/14 09:13:59 | 000,000,149 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_en-us_80951863a93f3c56.manifest
[2014/09/09 20:57:26 | 000,000,149 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.17238_en-us_808fbddba94420fd.manifest
[2014/09/09 20:57:26 | 000,000,148 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.20720_en-us_69c1ca9bc2eb9ec1.manifest
[2013/11/14 09:13:57 | 000,000,152 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_en-us_d5f7bfa5c739f91d.manifest
[2014/08/23 00:13:09 | 000,000,151 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17226_en-us_d5f19263c73f912b.manifest
[2014/09/09 20:56:12 | 000,000,152 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17231_en-us_d5f30495c73e2a5d.manifest
[2014/08/23 00:13:09 | 000,000,151 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20708_en-us_bf21bb09e0e8f5e2.manifest
[2014/09/09 20:56:12 | 000,000,152 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20717_en-us_bf22d21be0e7f598.manifest
[2013/08/22 17:24:24 | 000,000,419 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4.manifest
[2013/08/22 17:24:27 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d.manifest
[2015/01/16 19:15:34 | 000,000,570 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17187_none_c8104b0485ef1bc5.manifest
[2014/09/09 20:57:26 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17238_none_c80b32a685f3b704.manifest
[2015/01/16 19:15:28 | 000,000,566 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20681_none_b1432a7e9f95e622.manifest
[2014/09/09 20:57:26 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20720_none_b13d3f669f9b34c8.manifest
[2013/08/22 17:24:13 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24.manifest
[2014/08/23 00:13:10 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732.manifest
[2014/09/09 20:56:12 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17231_none_1d6e7960a3edc064.manifest
[2014/08/23 00:13:10 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9.manifest
[2014/09/09 20:56:12 | 000,000,423 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20717_none_069e46e6bd978b9f.manifest
[2013/08/22 17:24:28 | 000,000,447 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202.manifest
[2013/08/22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755.manifest
[2013/08/22 17:24:56 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966.manifest
[2014/08/23 00:13:10 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174.manifest
[2014/09/09 20:56:12 | 000,000,412 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_2249252de4c45aa6.manifest
[2014/08/23 00:13:10 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b.manifest
[2014/09/09 20:56:12 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_0b78f2b3fe6e25e1.manifest
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_0dbd81c1c9e100df\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/31 19:18:48 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_63202903e7dbbda6\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_6319fbc1e7e155b4\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/31 19:18:49 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_4c4a2468018aba6b\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d\System.Runtime.Serialization.Primitives.dll
[2014/08/31 19:18:52 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1\System.Runtime.Serialization.dll
[2014/09/13 09:32:19 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff\System.Runtime.Serialization.dll
[2014/07/09 03:45:07 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17231_none_ed2b43c67c46bf31\System.Runtime.Serialization.dll
[2014/08/31 19:18:55 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6\System.Runtime.Serialization.dll
[2014/09/13 09:32:21 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20717_none_d65b114c95f08a6c\System.Runtime.Serialization.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4\System.Runtime.Serialization.Xml.dll
[2014/09/13 09:32:23 | 000,018,929 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d\System.Runtime.Serialization.dll
[2015/01/24 22:36:30 | 000,011,811 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17187_none_c8104b0485ef1bc5\System.Runtime.Serialization.dll
[2014/07/24 05:20:32 | 001,059,536 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17238_none_c80b32a685f3b704\System.Runtime.Serialization.dll
[2015/01/24 22:36:33 | 000,012,410 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20681_none_b1432a7e9f95e622\System.Runtime.Serialization.dll
[2014/09/13 09:32:26 | 000,004,122 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20720_none_b13d3f669f9b34c8\System.Runtime.Serialization.dll
[2014/08/31 19:18:58 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24\System.Runtime.Serialization.dll
[2014/09/13 09:32:28 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732\System.Runtime.Serialization.dll
[2014/07/09 03:45:06 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17231_none_1d6e7960a3edc064\System.Runtime.Serialization.dll
[2014/08/31 19:19:00 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9\System.Runtime.Serialization.dll
[2014/09/13 09:32:29 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20717_none_069e46e6bd978b9f\System.Runtime.Serialization.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755\System.Xml.XmlSerializer.dll
[2013/11/14 09:14:23 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_en-us_2660f174e63eb618\serialui.dll.mui
[2015/04/08 20:41:18 | 000,001,912 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_89a166153a4451f7\serialui.dll
[2014/10/29 03:46:05 | 000,015,360 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.17415_none_89ee00f13a0abe7f\serialui.dll
[2014/08/31 19:51:13 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966\System.Runtime.Serialization.dll
[2014/09/13 09:45:11 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174\System.Runtime.Serialization.dll
[2014/07/09 03:45:06 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_2249252de4c45aa6\System.Runtime.Serialization.dll
[2014/08/31 19:51:15 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b\System.Runtime.Serialization.dll
[2014/09/13 09:45:13 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_0b78f2b3fe6e25e1\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\apppatch\spbin] -> -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> C:\Users\Zuzana\SkyDrive:ms-properties

< End of report >

LolaBe · #24 Příspěvek od **LolaBe** » 28 srp 2015 21:23

A zde druhy.

OTL Extras logfile created on: 28. 8. 2015 20:02:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zuzana\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17937)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d. M. yyyy

3,88 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 60,99% Memory free
6,26 Gb Paging File | 3,58 Gb Available in Paging File | 57,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 433,61 Gb Total Space | 216,07 Gb Free Space | 49,83% Space Free | Partition Type: NTFS

Computer Name: VAIO | User Name: Zuzana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- Reg Error: Value error. File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.js [@ = JSFile] -- Reg Error: Value error. File not found

[HKEY_USERS\S-1-5-21-1261800056-1722273939-4180883429-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{121E8ADF-8434-4E58-8CB6-DF3D7112AA3D}" = lport=9999 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcagent.exe |
"{181095A7-9830-49CD-A1D6-C8E144EFA68C}" = lport=9996 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcsystemtray.exe |
"{342AB398-2C25-46AA-9153-07B4DC1B8F2A}" = lport=9997 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vaioshell.exe |
"{41639FCD-C59F-4E25-B15A-570042FB7E0D}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.7 |
"{507E92C1-17CB-42C4-AC72-7F78B08760E6}" = lport=9998 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcadmin.exe |
"{889CC9E8-EDE1-4652-A198-E8DA02270F46}" = lport=3306 | protocol=6 | dir=in | name=port 3306 |
"{9A5A3B10-9515-4F54-B27D-C34385260D17}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02139294-E205-45B9-9B62-13DC8BEA1BB3}" = dir=out | name=sonicwall mobile connect |
"{048B3DCB-32DF-4E09-9E53-93C147AEE84E}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{0666E050-F535-4245-B423-433242E61CD3}" = dir=in | name=sonicwall mobile connect |
"{076E8F56-FBD3-40B2-922E-720F24135356}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{079FB6A4-53F2-4B14-A975-3CC7644A79B3}" = protocol=17 | dir=in | app=c:\program files\lightworks\lightworks.exe |
"{0AD40183-3812-49D6-AC9C-65DEB80D7685}" = protocol=6 | dir=in | app=c:\program files (x86)\webcamxp 5\wlite.exe |
"{14A7363B-3008-4AD5-9856-DE3FD1182790}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{1D42C65F-6B74-491D-BA56-E13C1AE20534}" = dir=out | name=taptiles |
"{25082AB9-7FF1-4FA2-A4F7-21E0229E7835}" = dir=in | app=c:\program files (x86)\dvdvideosoft\free torrent download\freetorrentdownload.exe |
"{2A1A4ADD-C654-4F53-AB76-7C669E6411D6}" = dir=out | name=skype |
"{2F83F50A-EA1E-4118-A6E5-CD3CD46E2ED1}" = protocol=6 | dir=in | app=c:\program files\lightworks\lightworks.exe |
"{35D255A8-D4D3-48F2-A14E-0661D4B01ACF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{35FB6258-A38B-48E7-AA1F-F67B88C25EB5}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{3B1F0225-1C79-4D9F-A2F3-8FC7FF624319}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{3DB1237B-EB9F-4229-A597-A46C03449E81}" = dir=out | name=vaio care |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{43E076D3-5411-4757-9E0D-6B278DF2DB16}" = dir=in | name=mcafee® central for sony |
"{4C20AC42-DC62-482B-954B-57C32BEBCE3A}" = dir=out | name=juniper networks junos pulse |
"{519A6358-A4F2-4D9D-8295-88AB084FCC28}" = dir=out | name=microsoft minesweeper |
"{52ADB76C-BD50-471A-BD7F-7CB8FFA1F67C}" = dir=out | name=mcafee® central for sony |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{575F8DE4-CD16-49D8-BCA7-2957B7603D2C}" = dir=in | name=juniper networks junos pulse |
"{5978B516-5DA5-4919-B099-9FC4911EEA03}" = dir=out | name=windows_ie_ac_001 |
"{5A5A021E-1767-4FDF-A187-53357FBA5661}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{649A4AD3-8914-4C08-9ECF-943FAB199E1A}" = dir=out | name=check point vpn |
"{64FD2F46-A7CE-49A7-8FA0-3C91E0D0B8ED}" = dir=out | name=@{microsoft.bingfinance_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{692D0B3D-2652-45FA-BCBA-3077D93565E7}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{69F5EDCA-5CC2-44FD-B7EB-433FD2642FE2}" = dir=out | app=c:\program files (x86)\dvdvideosoft\free torrent download\freetorrentdownload.exe |
"{71D6722F-E510-463F-A055-537359D671ED}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{7267711A-1EF8-46D2-9644-A653E3FD8F3C}" = dir=out | name=kindle |
"{72835000-969D-4708-9C72-08B90ECCF040}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{72A86DED-B116-491E-93AE-D073BB92603D}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{76D7C9CF-1D72-4E83-9A5D-8F6C9B1C60A9}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{77E79352-3926-4B02-897F-5870CC8CBC5F}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{7F3E748C-971A-466A-8460-50C23AFDCB65}" = dir=in | name=check point vpn |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{846CBF99-BFD3-4498-9F65-290DFB1CAD7A}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{878E1A50-F4D2-47F1-9F31-D4D01C7EE333}" = dir=in | name=canon inkjet print utility |
"{88266470-FC7F-4BE6-A65B-5DDF67C2A863}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{8AB58312-1BA0-46EF-A962-8F122968B579}" = dir=out | name=sony select |
"{8AECCAEA-DA70-415A-956D-AC14FB357CD3}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{8B4CA7D3-6073-4157-925D-3DE3735A7CF0}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{8C002D99-0B97-4753-8971-51696994016E}" = dir=out | name=wd |
"{92A30577-D358-4BBD-B45A-2600E942D3E4}" = dir=out | name=f5 vpn |
"{979973CD-0EAE-4C91-A3E5-BE57565CFE30}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{9A1ECDC9-1E11-4C10-A076-9AAAE59F9242}" = dir=out | name=@{microsoft.zunevideo_1.5.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{9B530226-4F8D-4A00-8027-FC71DC27E912}" = dir=in | name=taptiles |
"{9E072C20-CFE1-49A2-BC60-3F7EDB4A26AF}" = dir=out | name=@{microsoft.bingsports_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A03EFC67-11A0-4FE8-9536-6DEFF270A552}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{A1221222-D34E-4546-8EDE-2CCF15AB2047}" = protocol=6 | dir=in | app=c:\program files\lightworks\ntcardvt.exe |
"{A5C5153D-901F-4054-A993-32AB15C08856}" = dir=out | name=@{microsoft.bingweather_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{AC080F90-0A21-47AC-8289-55A62C8D8717}" = dir=in | name=microsoft solitaire collection |
"{AE875B86-12C1-4BB2-AE7C-7085C36C6BF8}" = dir=out | name=@{microsoft.zunevideo_2.6.441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{B17845E0-CC01-4358-9DE1-EAE8C348D53F}" = dir=in | name=vaio care |
"{B1B8936F-CAF4-4DAA-97AA-4B8AE2E99DF7}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{B223B8F6-85BD-40A3-AD68-8B6B9099CA87}" = protocol=6 | dir=in | app=c:\program files (x86)\webcamxp 5\wservice.exe |
"{B3C7A8CC-7DF2-4314-9F7E-53EC5A70CB65}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{B5D9E9DA-547A-47C9-9AE6-48322A5D8AD5}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{B615232D-6C1C-447A-9657-5085FCA1182A}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{BE0D8655-B86A-4D1D-904E-411BA9EC7BC8}" = dir=in | name=wd |
"{BE421678-8B19-4C1F-8FF1-CDCCEA187420}" = dir=in | name=f5 vpn |
"{BF8EDCD5-DE53-4C1F-9D93-1C830D1CBAC8}" = dir=out | name=wordament |
"{C59886FB-849A-4338-909D-117C4DC5687B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C688F45B-AEF1-4462-96C2-61ECC90BF216}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CA621413-BE74-45B0-ABE9-B4364712C96F}" = dir=in | name=microsoft minesweeper |
"{CF14D77C-1E0F-4591-8C5B-235FF6299177}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D32415F0-C600-459C-B3B8-9161A0BDF158}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{D6929B50-2607-4715-AB85-CEA279A7E83D}" = protocol=17 | dir=in | app=c:\program files (x86)\webcamxp 5\wlite.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D7C9BF13-1B7E-48A8-A1E7-9EA4467304A6}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{D7CA7705-5DF5-489B-831E-B311861A123B}" = dir=in | name=skype |
"{DA696A3E-B7CC-4D6B-9BF4-D093B23B6069}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DB7E22B7-BA37-4140-8C01-F8FE60A37839}" = protocol=17 | dir=in | app=c:\program files (x86)\webcamxp 5\wservice.exe |
"{DC2832B9-14B6-4DC3-ACAE-A1F2AEC68870}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8BAD280-4156-448F-BBDD-900BCEB659E4}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{EA26E0A6-927D-46E7-A820-FB5241FA7772}" = dir=out | name=canon inkjet print utility |
"{EA8EEEFC-5CB4-44EC-81F9-7A8CE3F41E72}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{F63D63BB-4368-4AED-A831-154C64C7909D}" = dir=out | name=microsoft solitaire collection |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6B6819F-CDC3-4B0A-901C-60BA6CB48883}" = dir=out | name=windows_ie_ac_001 |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FA2835AB-B3BA-421F-8C1D-65BE6084AFC7}" = protocol=17 | dir=in | app=c:\program files\lightworks\ntcardvt.exe |
"{FB78CCA7-E112-471A-8CB2-4D9CBEA9FDB9}" = dir=out | name=- games app - |
"{FD8ECA00-0DCD-4546-8B68-D06470ACAB2A}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{FDF39097-A0E7-4AAA-998F-1DAB6D5343D4}" = dir=out | name=windows_ie_ac_001 |
"{FE35E8F6-0ACD-4CC9-A56C-73618673DB55}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{FEA3998C-FA3D-442C-8D6B-976C0681D56A}" = dir=out | name=@{microsoft.bingnews_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"TCP Query User{08EC65AF-7EEB-4839-AFF1-6C828EBAE2BB}C:\users\zuzana\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\zuzana\appdata\local\akamai\netsession_win.exe |
"TCP Query User{0F797F8F-0FAE-43EE-AA9B-88CF7F9C37A1}C:\windows\system32\settingsynchost.exe" = protocol=6 | dir=in | app=c:\windows\system32\settingsynchost.exe |
"TCP Query User{81B5B6AB-4B2B-404D-866B-ACD3E8400B1B}C:\program files (x86)\xmind\xmind.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xmind\xmind.exe |
"TCP Query User{EBF0E764-EA24-4F2D-A80C-9C08439FBC32}C:\users\zuzana\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\zuzana\appdata\local\akamai\netsession_win.exe |
"UDP Query User{1BCA762A-4A93-497E-AFEA-22237409388D}C:\program files (x86)\xmind\xmind.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xmind\xmind.exe |
"UDP Query User{1EB7B580-4D0D-46BE-B886-2862B169884B}C:\users\zuzana\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\zuzana\appdata\local\akamai\netsession_win.exe |
"UDP Query User{BBFB8073-0925-4A15-BF37-45510A4642BB}C:\users\zuzana\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\zuzana\appdata\local\akamai\netsession_win.exe |
"UDP Query User{D06EB64B-3C54-4992-AA0C-87BE69F09D69}C:\windows\system32\settingsynchost.exe" = protocol=17 | dir=in | app=c:\windows\system32\settingsynchost.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series" = Canon MP495 series MP Drivers
"{15B9204E-BA09-485E-8F2C-094AC0077664}" = VAIO Care Recovery
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}" = VCCx64
"{26A24AE4-039D-4CA4-87B4-2F06417080FF}" = Java 7 Update 80 (64-bit)
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{4B432082-B58C-4035-91FB-F28D504D3148}" = VUx64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{5388ABD8-6E23-4498-BE10-01079387590F}" = VGClientX64
"{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}" = Apple Mobile Device Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6109059C-2784-4546-A353-7100A6882DF4}" = Ruská - rozložení jako latinka (0.9.1)
"{62A172B2-550E-499D-9A82-5190D18390AA}" = VAIO Media Server Settings
"{633EB44A-B19A-409E-8321-78B363553398}" = ActivDriver x64 v5.9
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7AE27077-F326-46AA-9CB2-DF595D56C8FA}" = Russian Phonetic Student - WinRus.com
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel(R) Rapid Storage Technology
"{A2DAB821-75CD-4052-815B-02E1443C11D5}" = VAIO Care
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B255D495-4734-4E9B-B4F5-96702FD4A7B9}" = Podpora aplikací Apple (64bitová)
"{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}" = iTunes
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{DD178D9D-89DD-4F15-9E56-57C85D1EDF36}" = WD SmartWare
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"3F504CC0B024052107934E093CC26DA720256A7A" = Windows Driver Package - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0)
"7C6570ABBEB2F08EFBC23ED7925AE72DA6167BD8" = Windows Driver Package - Phase One A/S (WinUSB) USBDevice (12/03/2014 1.13.0.0)
"B758007C752D28F7C3542875CEEBDADCAE5941AE" = Windows Driver Package - Leaf Imaging Ltd. Image (12/03/2014 1.2.0.0)
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"FF9ECD00DD25FDB7D3208607214790302878ACBE" = Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (07/15/2013 10.0.0.260)
"ImagenomicPortraiturePlugin" = Imagenomic Portraiture 2 Plug-in (build 2341)
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D0C3C53-83FE-4A15-A42E-D24FF8FBDC61}" = ActivInspire Core Resources (CZE) v1
"{0FAC7130-BEC5-47A5-8813-1D339B8326ED}" = Adobe Media Encoder CC 2015
"{10181264-340D-4BE7-B879-3A49604A6FD1}" = VUx86
"{10DD6128-A810-4A90-9523-475D573FBB37}" = PlayMemories Home
"{124310E8-7C49-4C33-B4F2-3CF43F3830B7}" = WD Quick View
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{147EC100-14BE-45EF-AB42-35BAEE7D02F0}" = Adobe After Effects CC 2015
"{14AC95A2-7675-4988-A5BD-3F5B943AED08}" = VAIO Gate
"{181241DD-2FC2-4CF9-94CE-97F3E37D6F0B}" = Adobe Edge Animate
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}" = OpenOffice.org 3.4.1
"{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}" = Adobe Touch App Plugins
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}" = Adobe Extension Manager CC
"{25CC1EC0-19D9-11E5-952D-BD72CD08879E}" = Adobe Muse CC 2015
"{26A24AE4-039D-4CA4-87B4-2F03217080FF}" = Java 7 Update 80
"{27442E6D-B689-4454-8D56-73B965DD6BEE}" = AzwSoft Adobe PDF DRM Removal 7.2.9
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{31B9D218-FED2-4C6C-B19F-7294FFC130B0}" = Adobe AIR
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{38C72D42-0672-43B1-9E05-E7631684F9A1}" = Adobe Premiere Pro CC 2015
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3B178548-D115-4DCB-9BA6-A320C190F6AC}" = ActivInspire Help (CZE) v1
"{41A12FFC-89E9-4743-A51E-00975CA31F40}" = Adobe Exchange Panel
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"{5680D629-B263-49CC-821E-3CEBD4507B51}" = Adobe Illustrator CC 2015
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{5E21B617-F52E-BB10-92F9-C8AB2C799A8A}" = Adobe Download Assistant
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72E40002-8CEC-47C1-A099-83AC8E173BF0}" = Nástroje WD Drive Utilities
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{793C2BF7-A4FE-4608-91C9-9282C5801C21}" = Adobe Photoshop CC 2015
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7FE25256-B7C1-480D-B736-10A67A833AEA}" = Podpora aplikací Apple (32bitová)
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}" = Adobe Lightroom
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{83270912-15C7-4336-822E-E8F1B1BBCA60}" = WD Security
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{857087BB-A988-4462-A5C6-CF6739143B56}" = KUx86
"{85DE30D0-AEC8-4799-A56A-14267C421A76}" = CoffeeCup Web Form Builder Lite
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A0895922-011B-4F8B-9333-D3B0E053B3E8}" = VLC media player 2.0.1
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4B3623-6213-41EC-9BFB-F001D72C47A6}" = VAIO Gesture Control
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.12) - Czech
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}" = VCCx86
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO CPU Fan Diagnostic
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{bfb9000e-e7d4-490f-a873-ec2c9cab3b3d}" = WD SmartWare Installer
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C6824E02-0D74-9191-A2BA-B18FB9C4AAAA}" = Adobe® Content Viewer
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO Manual
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D292E0F0-07D0-47B6-8B50-BCEBE67A17C4}" = ActivInspire v1
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D91558BF-D1F3-411F-AEFE-8774CB406512}" = VAIO - Xperia Link
"{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}" = Lightworks
"{EA22007F-7DCA-4BA5-ACA2-143D8852DD35}" = ActivInspire HWR Resources (CZE) v1
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}" = XperiaLinkx86
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acoustica Mixcraft 6" = Acoustica Mixcraft 6
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Digital Editions 4.0" = Adobe Digital Editions 4.0
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"ASIO4ALL" = ASIO4ALL
"avast" = Avast Premier
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Color Efex Pro 4" = Color Efex Pro 4
"com.adobe.dmp.contentviewer" = Adobe® Content Viewer
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"DesetiPrsty5" = DesetiPrsty5 5.3
"DivX Setup" = DivX Setup
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Epubor Adobe DRM Removal" = Epubor Adobe DRM Removal
"FL Studio 10" = FL Studio 10
"Free Studio_is1" = Free Studio version 6.5.0.324
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"IL Download Manager" = IL Download Manager
"InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"Intel AppUp(SM) center 38645" = Intel AppUp(SM) center
"Intelli-studio" = SAMSUNG Intelli-studio
"Klavaro_is1" = Klavaro-2.00c
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.1.8.1057
"Mozilla Firefox 40.0.3 (x86 en-US)" = Mozilla Firefox 40.0.3 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Origin" = Origin
"RadLab_is1" = RadLab v1.3.6
"Registrace uživatele zařízení Canon MP495 series" = Registrace uživatele zařízení Canon MP495 series
"Shotcut" = Shotcut
"Spyder4Elite" = Spyder4Elite
"TN_Russian_com_cs_cz_EuroTalk_is1" = LANGMaster.com: Ruština pro začátečníky
"Topaz Adjust 5" = Topaz Adjust 5
"Topaz BW Effects 2" = Topaz B&W Effects
"Topaz Clarity" = Topaz Clarity
"Topaz Clean 3" = Topaz Clean 3
"Topaz DeJpeg 4" = Topaz DeJpeg 4
"Topaz DeNoise 5" = Topaz DeNoise 5
"Topaz Detail 3" = Topaz Detail 3
"Topaz Fusion Express 2" = Topaz Fusion Express 2
"Topaz InFocus" = Topaz InFocus
"Topaz Lens Effects" = Topaz Lens Effects
"Topaz ReMask 3" = Topaz ReMask 3
"Topaz ReStyle" = Topaz ReStyle
"Topaz Simplify 4" = Topaz Simplify 4
"Topaz Star Effects" = Topaz Star Effects
"VLC media player" = VLC media player
"WildTangent sony Master Uninstall" = WildTangent Games
"WTA-1d9e8326-4563-4512-9d72-9b0d95bb9025" = Build-a-lot: On Vacation
"WTA-22ce0993-a0c8-481a-a751-3c614167f981" = FATE
"WTA-5e735265-010d-473f-9815-a7784964b920" = Heroes of Hellas 3: Athens
"WTA-6e229a44-cb29-4821-a192-865b686a213c" = Mystery of Mortlake Mansion
"WTA-6f87ed48-9e01-47a7-977d-e83b208d1c6e" = Chronicles of Albian
"WTA-7366bbc6-cbbd-4acd-ab74-ff3a44409485" = Bejeweled 3
"WTA-7b76d47d-fd93-4154-8c06-8bfbd7b53ed7" = Agatha Christie - Death on the Nile
"WTA-7de0cffd-bf69-4b1b-8ed3-9b2870640f42" = Virtual Villagers 4 - The Tree of Life
"WTA-8e7f7484-5ebb-49b4-b739-4bba0ddd6bd7" = Polar Bowler
"WTA-b75f1c91-b48a-4e3c-acc1-cbf1fc9acaab" = Mystery P.I. - The London Caper
"WTA-c547c7cb-1a42-4cf5-b9f2-762a5627d7c3" = Mahjongg Artifacts
"WTA-ccb23cf7-f95e-4bf2-9b07-96bf06cec6ea" = Cradle Of Egypt Collector's Edition
"WTA-d7016ee2-1310-48aa-ae9e-a9aaaee6793f" = Plants vs. Zombies - Game of the Year
"WTA-e6080f17-56f8-47e8-9c9f-70fb7c22850d" = Luxor HD
"WTA-f43ef29c-a00c-42e4-9793-8dae2a10a6bb" = Chuzzle Deluxe
"WTA-fc6c031f-df1a-4b3f-9896-95cea243a6d9" = Aloha TriPeaks
"XMind_is1" = XMind 6 (v3.5.0)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1261800056-1722273939-4180883429-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Bandizip" = Bandizip
"Dropbox" = Dropbox
"eaadb22a7fda717f" = FlexiBooks
"OneDriveSetup.exe" = Microsoft OneDrive
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28. 8. 2015 11:42:58 | Computer Name = VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 28. 8. 2015 11:42:58 | Computer Name = VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1110

Error - 28. 8. 2015 11:42:58 | Computer Name = VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1110

Error - 28. 8. 2015 13:54:12 | Computer Name = VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 28. 8. 2015 13:54:12 | Computer Name = VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7875578

Error - 28. 8. 2015 13:54:12 | Computer Name = VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7875578

Error - 28. 8. 2015 15:00:32 | Computer Name = VAIO | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20911 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2848 Start
Time: 01d0e1c311c5b354 Termination Time: 4294967295 Application Path: C:\Program
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Report
Id: 082aec73-4db7-11e5-bf10-083e8eb8f4ec Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Faulting
package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error - 28. 8. 2015 15:07:21 | Computer Name = VAIO | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20911 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2708 Start
Time: 01d0e1c40c419bc0 Termination Time: 4294967295 Application Path: C:\Program
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Report
Id: 0099454c-4db8-11e5-bf10-083e8eb8f4ec Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Faulting
package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error - 28. 8. 2015 15:07:24 | Computer Name = VAIO | Source = Application Hang | ID = 1002
Description = The program wwahost.exe version 6.3.9600.17415 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 25dc Start
Time: 01d0e1c40c419bc0 Termination Time: 4294967295 Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report
Id: 008d5996-4db8-11e5-bf10-083e8eb8f4ec Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Faulting
package-relative application ID: App

Error - 28. 8. 2015 15:15:19 | Computer Name = VAIO | Source = Application Hang | ID = 1002
Description = The program wwahost.exe version 6.3.9600.17415 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2bb8 Start
Time: 01d0e1c52a3d2ebe Termination Time: 4294967295 Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report
Id: 1dea35a9-4db9-11e5-bf10-083e8eb8f4ec Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Faulting
package-relative application ID: App

[ ESRV_SVC Events ]
Error - 30. 7. 2015 10:58:37 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 30. 7. 2015 11:25:18 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 31. 7. 2015 5:52:33 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 4. 8. 2015 14:41:13 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 12. 8. 2015 5:19:15 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 16. 8. 2015 7:41:42 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 21. 8. 2015 12:46:24 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 22. 8. 2015 9:13:55 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 23. 8. 2015 18:09:44 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 24. 8. 2015 5:50:20 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

[ System Events ]
Error - 6. 7. 2015 10:15:17 | Computer Name = VAIO | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SampleCollector service.

Error - 6. 7. 2015 10:18:19 | Computer Name = VAIO | Source = Virtual Disk Service | ID = 33554441
Description =

Error - 6. 7. 2015 14:05:17 | Computer Name = VAIO | Source = DCOM | ID = 10010
Description =

Error - 6. 7. 2015 16:04:18 | Computer Name = VAIO | Source = Ntfs | ID = 262281
Description = The default transaction resource manager on volume \\?\Volume{f3b172c2-83d7-457e-a2d9-5b40ec2bc2bd}
encountered a non-retryable error and could not start. The data contains the error
code.

Error - 6. 7. 2015 16:05:10 | Computer Name = VAIO | Source = Service Control Manager | ID = 7000
Description = The VBoxAsw Support Driver service failed to start due to the following
error: %%2

Error - 18. 7. 2015 11:20:28 | Computer Name = VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 18. 7. 2015 11:40:00 | Computer Name = VAIO | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the WDBackup service.

Error - 18. 7. 2015 11:41:00 | Computer Name = VAIO | Source = Ntfs | ID = 262281
Description = The default transaction resource manager on volume \\?\Volume{f3b172c2-83d7-457e-a2d9-5b40ec2bc2bd}
encountered a non-retryable error and could not start. The data contains the error
code.

Error - 18. 7. 2015 11:44:21 | Computer Name = VAIO | Source = Service Control Manager | ID = 7000
Description = The VBoxAsw Support Driver service failed to start due to the following
error: %%2

Error - 18. 7. 2015 12:36:49 | Computer Name = VAIO | Source = DCOM | ID = 10010
Description =

[ USER_ESRV_SVC Events ]
Error - 29. 12. 2014 23:38:36 | Computer Name = VAIO | Source = USER_ESRV_SVC | ID = 2
Description =

Error - 29. 12. 2014 23:38:36 | Computer Name = VAIO | Source = USER_ESRV_SVC | ID = 2
Description =

Error - 29. 12. 2014 23:38:36 | Computer Name = VAIO | Source = USER_ESRV_SVC | ID = 2
Description =

Error - 29. 12. 2014 23:38:36 | Computer Name = VAIO | Source = USER_ESRV_SVC | ID = 2
Description =

Error - 29. 7. 2015 19:30:56 | Computer Name = VAIO | Source = USER_ESRV_SVC | ID = 2
Description =

Error - 29. 7. 2015 19:30:56 | Computer Name = VAIO | Source = USER_ESRV_SVC | ID = 2
Description =

Error - 29. 7. 2015 19:30:56 | Computer Name = VAIO | Source = USER_ESRV_SVC | ID = 2
Description =

< End of report >

#25 Příspěvek od **Márty84** » 29 srp 2015 08:06

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-1261800056-1722273939-4180883429-1001\..\SearchScopes\{3B8183ED-28F9-4A17-9245-90E1108641D0}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2015/08/24 00:36:37 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2015/08/24 00:34:07 | 001,308,672 | ---- | M] () -- C:\Users\Zuzana\Desktop\zoek.exe
[2015/08/10 20:59:04 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\WINDOWS\Inf\Intel Storage Counters\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\*.tmp -> ]
[1 C:\WINDOWS\Inf\Intel Storage Counters\0000\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\0000\*.tmp -> ]
[1 C:\WINDOWS\Inf\Intel Storage Counters\0009\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\0009\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 \$Windows.~BT\Sources\*.tmp files -> \$Windows.~BT\Sources\*.tmp -> ]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

LolaBe · #26 Příspěvek od **LolaBe** » 31 srp 2015 14:24

Log zde.

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 313336 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: HomeGroupUser$

User: Public

User: Zuzana
->Temp folder emptied: 52897453 bytes
->Temporary Internet Files folder emptied: 6239094 bytes
->Java cache emptied: 8196 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 396206152 bytes
->Flash cache emptied: 57316 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18911788 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 453,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Guest
->Flash cache emptied: 0 bytes

User: HomeGroupUser$

User: Public

User: Zuzana
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1261800056-1722273939-4180883429-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1261800056-1722273939-4180883429-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3B8183ED-28F9-4A17-9245-90E1108641D0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B8183ED-28F9-4A17-9245-90E1108641D0}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\zoek-delete.exe moved successfully.
C:\Users\Zuzana\Desktop\zoek.exe moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP949B.tmp\System.ServiceProcess.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP949B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD429.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE33A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3E3.tmp\System.Configuration.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3E3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP67CD.tmp\System.Configuration.Install.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP67CD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCA94.tmp\System.Windows.Forms.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCA94.tmp folder deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\tmpF45A.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\tmpF47A.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\0000\tmpF45A.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\0009\tmpF45A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI17C4.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4BF7.tmp deleted successfully.
C:\WINDOWS\Installer\MSI8D92.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIA877.tmp- folder deleted successfully.
\$Windows.~BT\Sources\_s_679F.tmp deleted successfully.
\$Windows.~BT\Sources\_s_C56E.tmp deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 08312015_143400

Files\Folders moved on Reboot...
File\Folder C:\Users\Zuzana\AppData\Local\Temp\~DF0E8D913F38563DCD.TMP not found!
File\Folder C:\Users\Zuzana\AppData\Local\Temp\~DF36DBF4576734E98F.TMP not found!
File\Folder C:\Users\Zuzana\AppData\Local\Temp\~DF583AB002BC13182B.TMP not found!
File\Folder C:\Users\Zuzana\AppData\Local\Temp\~DF8C3D466BE35F8495.TMP not found!
File\Folder C:\Users\Zuzana\AppData\Local\Temp\~DFC886652E881C6987.TMP not found!
File\Folder C:\Users\Zuzana\AppData\Local\Temp\~DFF80EF79B89506BCF.TMP not found!
C:\Users\Zuzana\AppData\Local\Microsoft\Windows\INetCache\Low\SuggestedSites.dat moved successfully.
File move failed. C:\Users\Zuzana\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\PDApp.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#27 Příspěvek od **Márty84** » 31 srp 2015 17:56

Znovu pouzijte DelFix.

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Nastala nejaka zmena?

7.11. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

Zavirovany notebook

Re: Zavirovany notebook

Re: Zavirovany notebook

Re: Zavirovany notebook

Re: Zavirovany notebook

Re: Zavirovany notebook

Re: Zavirovany notebook

Re: Zavirovany notebook

Re: Zavirovany notebook

Re: Zavirovany notebook

Re: Zavirovany notebook

Re: Zavirovany notebook

Re: Zavirovany notebook