Zdravím, mohl bych Vás poprosit o preventivní kontrolu? V poslední době pociťuju zpomalení a zasekávání ntb. Díky moc.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomas at 2014-09-02 22:10:16
Microsoft Windows 8.1
System drive C: has 259 GB (57%) free of 453 GB
Total RAM: 3560 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:10:22, on 2. 9. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Tomas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\RunOnce: [RocketTab Program Files Data Uninstall] cmd /C rd /Q /S "C:\Program Files (x86)\RocketTab"
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe -h
O4 - HKCU\..\Run: [Quick Starter] C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Dropbox.lnk = Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 10592 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
dashost.exe {53803c5d-d70c-4d0a-856f82e5646bec6d}
"C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe" -s DefaultInstance
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files (x86)\Samsung\Settings\sSettings.exe" /s
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000006fc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Samsung\S Agent\CommonAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe" -h
"C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe" /SERVICE
"C:\Program Files\Samsung\Support Center\GuaranaAgent.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Users\Tomas\AppData\Local\Opera\Opera\temporary_downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-08-26 218776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-08-26 2335960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-06-20 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-08-26 1730256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-09-13 2894152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-30 13654744]
"Bitcasa"=C:\Program Files\Bitcasa\Bitcasa.exe [2012-12-27 4365824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-09-25 132736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [2012-05-22 1000288]
"Quick Starter"=C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe [2014-04-29 2358064]
"uTorrent"=C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe [2014-08-04 1329744]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-08-12 751184]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-09-18 766208]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-08-04 161584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"RocketTab Program Files Data Uninstall"=cmd /C rd /Q /S C:\Program Files (x86)\RocketTab []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-09-25 132736]
C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll [2012-08-06 190480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll [2012-08-06 190480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-08-30 13:36:22 ----D---- C:\Program Files (x86)\RocketTab
2014-08-30 13:35:36 ----D---- C:\ProgramData\YTD Video Downloader
2014-08-30 13:35:28 ----D---- C:\Program Files (x86)\GreenTree Applications
2014-08-28 18:03:38 ----D---- C:\WINDOWS\cs
2014-08-28 18:02:38 ----D---- C:\WINDOWS\sk
2014-08-28 18:02:13 ----D---- C:\WINDOWS\sl
2014-08-28 17:59:31 ----D---- C:\WINDOWS\hu
2014-08-28 17:58:30 ----D---- C:\WINDOWS\hr
2014-08-28 17:55:54 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2014-08-28 17:55:54 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2014-08-28 17:55:54 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2014-08-28 17:55:54 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2014-08-28 17:55:51 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2014-08-28 17:55:50 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2014-08-28 17:55:50 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2014-08-28 17:55:45 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_42.dll
2014-08-28 17:55:45 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2014-08-28 17:55:34 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_32.dll
2014-08-28 17:55:34 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2014-08-28 11:01:22 ----A---- C:\WINDOWS\system32\win32k.sys
2014-08-19 22:13:59 ----SHD---- C:\Config.Msi
2014-08-18 21:31:54 ----D---- C:\Titles
2014-08-14 18:37:02 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-08-14 17:50:36 ----D---- C:\Users\Tomas\AppData\Roaming\Avnex
2014-08-14 17:50:36 ----D---- C:\AV_LOGS
2014-08-14 17:48:33 ----D---- C:\Program Files (x86)\AV Vcs 7.0 DIAMOND
2014-08-13 17:48:26 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-08-13 17:48:25 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-08-13 17:48:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-08-13 17:48:22 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-08-13 17:48:21 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-08-13 17:48:20 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-08-13 17:48:14 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-08-13 17:48:13 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-08-13 17:48:11 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-08-13 17:48:11 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-08-13 17:48:11 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-08-13 17:48:11 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-08-13 17:48:10 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-08-13 17:48:09 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-08-13 17:48:08 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-08-13 17:48:08 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-08-13 17:48:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-08-13 17:48:07 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-08-13 17:48:05 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-08-13 17:48:03 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-08-13 17:48:02 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-08-13 17:48:01 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-08-13 17:47:40 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-08-13 17:47:40 ----A---- C:\WINDOWS\system32\wininet.dll
2014-08-13 17:47:40 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-08-13 17:47:39 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-08-13 17:47:39 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-08-13 17:47:38 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 17:47:38 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-13 17:47:37 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-08-13 17:47:37 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-08-13 17:47:35 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-08-13 17:47:35 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-08-13 17:45:42 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2014-08-13 17:45:41 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2014-08-13 17:42:41 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2014-08-13 17:42:41 ----A---- C:\WINDOWS\system32\dxgi.dll
2014-08-13 17:42:41 ----A---- C:\WINDOWS\system32\dwmcore.dll
2014-08-13 17:42:40 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2014-08-13 17:42:39 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-08-13 17:42:29 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2014-08-13 17:42:29 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-13 17:42:01 ----A---- C:\WINDOWS\system32\WpcMon.exe
2014-08-13 17:42:01 ----A---- C:\WINDOWS\system32\Wpc.dll
2014-08-13 17:42:00 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2014-08-13 17:42:00 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2014-08-13 17:41:45 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-08-13 17:41:45 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-13 17:41:45 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-08-13 17:41:26 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-08-13 17:41:26 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-08-13 17:41:25 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-08-13 17:41:24 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-08-13 17:41:23 ----A---- C:\WINDOWS\system32\vpnike.dll
2014-08-13 17:41:23 ----A---- C:\WINDOWS\system32\localspl.dll
2014-08-13 17:41:23 ----A---- C:\WINDOWS\system32\fveapi.dll
2014-08-13 17:41:22 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-08-13 17:41:22 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-08-13 17:41:22 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2014-08-13 17:41:22 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-08-13 17:41:21 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2014-08-13 17:41:21 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-13 17:41:21 ----A---- C:\WINDOWS\system32\framedynos.dll
2014-08-13 17:41:21 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-08-13 17:41:20 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-08-13 17:41:19 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2014-08-13 17:41:18 ----A---- C:\WINDOWS\SYSWOW64\framedynos.dll
2014-08-13 17:41:18 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2014-08-13 17:41:18 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2014-08-13 17:41:18 ----A---- C:\WINDOWS\system32\BFE.DLL
2014-08-13 17:41:18 ----A---- C:\WINDOWS\system32\bdesvc.dll
2014-08-13 17:41:17 ----A---- C:\WINDOWS\system32\winbici.dll
2014-08-13 17:41:17 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2014-08-13 17:41:17 ----A---- C:\WINDOWS\system32\framedyn.dll
2014-08-13 17:41:16 ----A---- C:\WINDOWS\SYSWOW64\ncobjapi.dll
2014-08-13 17:41:16 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2014-08-13 17:41:15 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2014-08-13 17:41:15 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2014-08-13 17:41:15 ----A---- C:\WINDOWS\system32\WebClnt.dll
2014-08-13 17:41:15 ----A---- C:\WINDOWS\system32\Robocopy.exe
2014-08-13 17:41:15 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-13 17:41:14 ----A---- C:\WINDOWS\SYSWOW64\framedyn.dll
2014-08-13 17:41:14 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-08-13 17:41:14 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2014-08-13 17:41:14 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-13 17:41:14 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-13 17:41:13 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc6.dll
2014-08-13 17:41:13 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc.dll
2014-08-13 17:41:13 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2014-08-13 17:41:09 ----A---- C:\WINDOWS\system32\reseteng.dll
2014-08-13 17:41:08 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-08-13 17:41:08 ----A---- C:\WINDOWS\system32\srms.dat
2014-08-13 17:40:39 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-08-13 17:40:38 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-08-13 17:40:32 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-13 17:40:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-08-13 17:40:26 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-08-13 17:40:25 ----AC---- C:\WINDOWS\system32\drivers\usbport.sys
2014-08-13 17:40:25 ----AC---- C:\WINDOWS\system32\drivers\usbhub.sys
2014-08-13 17:40:24 ----AC---- C:\WINDOWS\system32\drivers\usbuhci.sys
2014-08-13 17:40:24 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2014-08-13 17:40:24 ----AC---- C:\WINDOWS\system32\drivers\usbehci.sys
2014-08-13 17:40:24 ----AC---- C:\WINDOWS\system32\drivers\usbd.sys
2014-08-13 17:40:24 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\WUDFSvc.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\WUDFHost.exe
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\rsaenh.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\hal.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\drivers\WUDFRd.sys
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\drivers\WUDFPf.sys
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-13 17:40:23 ----A---- C:\WINDOWS\SYSWOW64\DaOtpCredentialProvider.dll
2014-08-13 17:39:45 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2014-08-13 17:39:42 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-08-13 17:39:35 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-08-13 17:39:35 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-08-13 17:39:23 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-08-13 17:39:23 ----A---- C:\WINDOWS\system32\msi.dll
2014-08-13 17:39:23 ----A---- C:\WINDOWS\system32\authui.dll
2014-08-13 17:39:22 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-08-13 17:39:22 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-08-13 17:39:22 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-08-13 17:39:22 ----A---- C:\WINDOWS\system32\consent.exe
2014-08-13 16:12:36 ----D---- C:\ProgramData\Package Cache
2014-08-04 12:10:29 ----D---- C:\Users\Tomas\AppData\Roaming\FLEXnet
2014-08-04 12:00:56 ----D---- C:\Users\Tomas\AppData\Roaming\Vodafone
2014-08-04 12:00:44 ----A---- C:\WINDOWS\system32\drivers\ewusbmdm.sys
2014-08-04 12:00:43 ----A---- C:\WINDOWS\system32\drivers\ewusbnet.sys
2014-08-04 12:00:08 ----D---- C:\ProgramData\Vodafone
2014-08-04 12:00:01 ----D---- C:\ProgramData\FLEXnet
======List of files/folders modified in the last 1 month======
2014-09-02 22:10:23 ----D---- C:\WINDOWS\Temp
2014-09-02 22:10:20 ----D---- C:\Program Files\trend micro
2014-09-02 22:10:17 ----D---- C:\WINDOWS\Prefetch
2014-09-02 22:10:06 ----D---- C:\Users\Tomas\AppData\Roaming\Skype
2014-09-02 22:02:02 ----D---- C:\WINDOWS\system32\sru
2014-09-02 21:33:41 ----D---- C:\WINDOWS\system32\config
2014-09-02 21:13:34 ----D---- C:\WINDOWS\Microsoft.NET
2014-09-01 17:31:49 ----D---- C:\WINDOWS\AppReadiness
2014-09-01 12:14:40 ----D---- C:\WINDOWS\Inf
2014-08-31 22:11:40 ----D---- C:\ProgramData\firebird
2014-08-31 19:25:28 ----D---- C:\WINDOWS\system32\Tasks
2014-08-31 19:24:38 ----D---- C:\ProgramData\WinClon
2014-08-31 19:24:13 ----RD---- C:\Program Files (x86)
2014-08-31 19:24:10 ----D---- C:\Users\Tomas\AppData\Roaming\uTorrent
2014-08-31 19:17:10 ----D---- C:\WINDOWS\system32\NDF
2014-08-31 13:38:24 ----D---- C:\WINDOWS\SoftwareDistribution
2014-08-31 11:55:48 ----D---- C:\WINDOWS\Logs
2014-08-31 11:55:48 ----D---- C:\WINDOWS\debug
2014-08-31 11:55:47 ----AD---- C:\Windows
2014-08-31 10:27:40 ----D---- C:\WINDOWS\WinSxS
2014-08-31 10:24:25 ----RD---- C:\WINDOWS\System32
2014-08-30 22:52:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-30 17:46:00 ----SHD---- C:\System Volume Information
2014-08-30 16:42:36 ----RSD---- C:\WINDOWS\assembly
2014-08-30 13:53:35 ----D---- C:\Users\Tomas\AppData\Roaming\MiniLyrics
2014-08-30 13:35:36 ----HD---- C:\ProgramData
2014-08-30 11:20:27 ----HD---- C:\Program Files\WindowsApps
2014-08-29 21:47:03 ----D---- C:\WINDOWS\CbsTemp
2014-08-29 20:27:10 ----D---- C:\Users\Tomas\AppData\Roaming\Dropbox
2014-08-28 18:04:01 ----SHD---- C:\WINDOWS\Installer
2014-08-28 18:01:23 ----D---- C:\WINDOWS\en-GB
2014-08-28 17:56:31 ----D---- C:\Program Files (x86)\Windows Live
2014-08-28 17:55:56 ----D---- C:\WINDOWS\SysWOW64
2014-08-27 16:34:01 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-08-27 16:31:14 ----D---- C:\Program Files\Microsoft Office 15
2014-08-25 20:42:16 ----D---- C:\WINDOWS\system32\wbem
2014-08-25 20:40:17 ----D---- C:\WINDOWS\Tasks
2014-08-25 20:40:17 ----D---- C:\WINDOWS\system32\drivers\UMDF
2014-08-25 20:40:17 ----D---- C:\WINDOWS\system32\drivers
2014-08-25 20:40:17 ----D---- C:\WINDOWS\system32\catroot2
2014-08-25 20:40:17 ----D---- C:\Users\Tomas\AppData\Roaming\Winamp
2014-08-25 20:40:17 ----D---- C:\Users\Tomas\AppData\Roaming\PhotoFiltre Studio X
2014-08-25 20:40:17 ----D---- C:\Users\Tomas\AppData\Roaming\IrfanView
2014-08-25 20:40:13 ----D---- C:\WINDOWS\system32\CodeIntegrity
2014-08-25 20:39:48 ----D---- C:\Program Files\Virtual Audio Cable
2014-08-25 20:17:46 ----D---- C:\WINDOWS\registration
2014-08-25 20:16:59 ----RD---- C:\Program Files
2014-08-20 21:42:39 ----D---- C:\Program Files (x86)\The KMPlayer
2014-08-19 22:14:31 ----D---- C:\Program Files (x86)\Avira
2014-08-16 07:47:05 ----D---- C:\WINDOWS\system32\DriverStore
2014-08-15 00:24:48 ----D---- C:\WINDOWS\rescache
2014-08-14 23:27:28 ----D---- C:\WINDOWS\system32\catroot
2014-08-14 19:19:47 ----RSD---- C:\WINDOWS\Fonts
2014-08-14 19:14:25 ----D---- C:\Program Files (x86)\Opera
2014-08-14 18:29:53 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-08-14 18:29:53 ----D---- C:\WINDOWS\system32\cs-CZ
2014-08-14 18:29:48 ----D---- C:\Program Files\Internet Explorer
2014-08-14 18:29:48 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-14 18:29:41 ----D---- C:\WINDOWS\PolicyDefinitions
2014-08-14 18:28:39 ----RD---- C:\WINDOWS\ToastData
2014-08-14 18:28:39 ----D---- C:\WINDOWS\system32\migration
2014-08-14 18:28:22 ----D---- C:\WINDOWS\MediaViewer
2014-08-14 18:28:21 ----D---- C:\WINDOWS\SYSWOW64\wbem
2014-08-14 18:28:21 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-08-14 18:28:17 ----D---- C:\WINDOWS\system32\en-US
2014-08-14 18:28:10 ----D---- C:\WINDOWS\Camera
2014-08-14 18:28:09 ----D---- C:\WINDOWS\FileManager
2014-08-14 18:28:04 ----SD---- C:\WINDOWS\system32\CompatTel
2014-08-14 17:46:38 ----D---- C:\Program Files (x86)\Common Files
2014-08-14 17:05:46 ----D---- C:\WINDOWS\system32\MRT
2014-08-14 16:59:00 ----A---- C:\WINDOWS\system32\MRT.exe
2014-08-13 17:35:43 ----A---- C:\WINDOWS\system32\mfps.dll
2014-08-13 16:24:11 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-08-13 16:24:08 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-08-13 16:23:32 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 16:23:32 ----A---- C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 16:23:32 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 16:23:30 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-08-13 16:23:28 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 16:23:25 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-08-13 16:23:24 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-08-13 16:23:24 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-08-13 16:23:21 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-08-13 16:23:21 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-08-13 16:23:10 ----A---- C:\WINDOWS\system32\msrating.dll
2014-08-13 16:23:08 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-08-13 16:13:31 ----D---- C:\ProgramData\Avira
2014-08-06 18:00:12 ----D---- C:\WINDOWS\system32\wdi
2014-08-04 12:03:32 ----SD---- C:\Users\Tomas\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2013-07-23 80640]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2013-07-23 25344]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2014-06-03 130584]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2013-11-29 28600]
R1 cbfs3;cbfs3; \??\C:\windows\system32\drivers\cbfs3.sys [2012-08-06 352456]
R1 dtsoftbus01;@oem14.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013-01-27 283200]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 APXACC;@oem33.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2012-06-23 199008]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2014-07-05 117712]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-09-19 12531712]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-09-19 619008]
R3 AthBTPort;@oem8.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-09-25 89800]
R3 AtiHDAudioService;@oem43.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2013-06-22 138240]
R3 BTATH_A2DP;@oem5.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-09-25 338120]
R3 btath_avdt;@oem5.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-09-25 116424]
R3 BTATH_BUS;@oem3.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-09-25 34384]
R3 BTATH_HCRP;@oem10.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-09-25 179432]
R3 BTATH_HID;@oem11.inf,%BTATH_HID%;Bluetooth HID Device; C:\WINDOWS\system32\DRIVERS\btath_hid.sys [2013-09-25 223432]
R3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-09-25 77464]
R3 BTATH_RCP;@oem35.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-09-25 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-09-25 594632]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 ETD;@oem40.inf,%SamsungDeviceDesc%;Samsung TouchPad Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2013-09-10 358192]
R3 EuMusDesignVirtualAudioCableWdm;@oem6.inf,%DeviceName% (WDM);Virtual Audio Cable (WDM); C:\WINDOWS\system32\DRIVERS\vrtaucbl.sys [2014-07-17 66728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-10-02 3678680]
R3 MarvinBus;@oem26.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-24 261120]
R3 RadioHIDMini;@oem12.inf,%RadioHIDMini%;Radio HID Mini-driver; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [2012-07-27 23408]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 RTL8168;@oem42.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-07-26 827096]
R3 tap0901;@oem45.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
R3 TS_ARN5416;@oem46.inf,%ATHR.Service.DispName%;[CommView] Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\ts_athrx.sys [2013-08-16 3543752]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2013-03-08 58536]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S2 vcs;vcs; \??\C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [2014-08-14 4096]
S3 athr;@oem9.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-08-15 3859968]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-04-11 1200128]
S3 CV2K1;@oem31.inf,%CommView_Desc%;CommView Network Monitor; C:\WINDOWS\system32\DRIVERS\cv2k1.sys []
S3 dg_ssudbus;@oem49.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ewusbnet;@oem55.inf,%qcwwan.Service.DispName%;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2010-03-25 246224]
S3 FTDIBUS;@oem47.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;@oem48.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2010-03-25 117504]
S3 nmwcd;@oem15.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem19.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsucx64;@oem16.inf,%ServiceDisplayName%;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;@oem20.inf,%ServiceDisplayName%;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 rtport;rtport; \??\C:\windows\SysWOW64\drivers\rtport.sys [2012-09-01 15144]
S3 ssudmdm;@oem51.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;@oem52.inf,%ssud.Service.Name%;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudobex.sys [2014-01-22 206080]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\WINDOWS\System32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-09-19 239616]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-08-12 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-08-12 430160]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-09-25 312448]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-08-04 149296]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-08-01 2369720]
R2 Easy Launcher;Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [2014-01-29 1593152]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-09-06 100104]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304]
R2 SWUpdateService;SW Update Service; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [2014-04-04 3020632]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-16 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-01-19 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-29 262320]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-16 116648]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2013-08-22 32568]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-11-23 150600]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
preventivka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: preventivka
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivka
# AdwCleaner v3.309 - Report created 03/09/2014 at 17:21:26
# Updated 02/09/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Tomas - TOM
# Running from : C:\Users\Tomas\Desktop\adwcleaner_3.309.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WindowShopper
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Google Chrome v37.0.2062.102
[ File : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4042 octets] - [22/04/2014 14:24:32]
AdwCleaner[R1].txt - [1667 octets] - [03/09/2014 17:18:29]
AdwCleaner[S0].txt - [4000 octets] - [22/04/2014 14:27:48]
AdwCleaner[S1].txt - [1393 octets] - [03/09/2014 17:21:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1453 octets] ##########
# Updated 02/09/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Tomas - TOM
# Running from : C:\Users\Tomas\Desktop\adwcleaner_3.309.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WindowShopper
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Google Chrome v37.0.2062.102
[ File : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4042 octets] - [22/04/2014 14:24:32]
AdwCleaner[R1].txt - [1667 octets] - [03/09/2014 17:18:29]
AdwCleaner[S0].txt - [4000 octets] - [22/04/2014 14:27:48]
AdwCleaner[S1].txt - [1393 octets] - [03/09/2014 17:21:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1453 octets] ##########
Re: preventivka
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivka
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 3. 9. 2014
Scan Time: 20:02:19
Logfile: logMAM.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.03.07
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Tomas
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 540601
Time Elapsed: 20 hr, 11 min, 51 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 1
PUP.Optional.weDownload.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\APPDATALOW\SOFTWARE\The weDownload Manager, , [f35033b67efd7bbbb6f62ee84eb532ce],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 7
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir, , [fd46d316f7841f172391032c639d2ad6],
PUP.Optional.NextLive.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\nengine.dll.vir, , [291a7c6d4437cc6aee6dfd650bf64db3],
PUP.Optional.NextLive.A, C:\AdwCleaner\Quarantine\C\Users\Tomas\AppData\Local\genienext\nengine.dll.vir, , [370c17d26a11b185c497382a70918080],
PUP.Optional.NextLive.A, C:\AdwCleaner\Quarantine\C\Users\Tomas\AppData\Roaming\newnext.me\nengine.dll.vir, , [e1628762601bbd7979e2174b41c01ce4],
PUP.Optional.OpenCandy, C:\Instal\winamp563_full_emusic-7plus_all.exe, , [321142a76219999ddfd6c54c15f0be42],
Trojan.Agent.DE, C:\Program Files (x86)\SpacialAudio\SAMBC\SAMReporter\SAMReporter.exe, , [073cc9209ae12214d9fb5f4fcd37cb35],
Trojan.Agent.DE, C:\Users\Tomas\Desktop\SAM Broadcaster 4.2.2\SAM Broadcaster 4.2.2\SAM Broadcaster 4.2.2.exe, , [b48f24c5e596aa8c09cb9915ad5718e8],
Physical Sectors: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Scan Date: 3. 9. 2014
Scan Time: 20:02:19
Logfile: logMAM.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.03.07
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Tomas
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 540601
Time Elapsed: 20 hr, 11 min, 51 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 1
PUP.Optional.weDownload.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\APPDATALOW\SOFTWARE\The weDownload Manager, , [f35033b67efd7bbbb6f62ee84eb532ce],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 7
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir, , [fd46d316f7841f172391032c639d2ad6],
PUP.Optional.NextLive.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\nengine.dll.vir, , [291a7c6d4437cc6aee6dfd650bf64db3],
PUP.Optional.NextLive.A, C:\AdwCleaner\Quarantine\C\Users\Tomas\AppData\Local\genienext\nengine.dll.vir, , [370c17d26a11b185c497382a70918080],
PUP.Optional.NextLive.A, C:\AdwCleaner\Quarantine\C\Users\Tomas\AppData\Roaming\newnext.me\nengine.dll.vir, , [e1628762601bbd7979e2174b41c01ce4],
PUP.Optional.OpenCandy, C:\Instal\winamp563_full_emusic-7plus_all.exe, , [321142a76219999ddfd6c54c15f0be42],
Trojan.Agent.DE, C:\Program Files (x86)\SpacialAudio\SAMBC\SAMReporter\SAMReporter.exe, , [073cc9209ae12214d9fb5f4fcd37cb35],
Trojan.Agent.DE, C:\Users\Tomas\Desktop\SAM Broadcaster 4.2.2\SAM Broadcaster 4.2.2\SAM Broadcaster 4.2.2.exe, , [b48f24c5e596aa8c09cb9915ad5718e8],
Physical Sectors: 0
(No malicious items detected)
(end)
Re: preventivka
Vsechny nalezy nechte odstranit, pak MBAM odinstalujte. Dejte novy log z RSITPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivka
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomas at 2014-09-05 10:10:32
Microsoft Windows 8.1
System drive C: has 258 GB (57%) free of 453 GB
Total RAM: 3560 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:10:41, on 5. 9. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Opera\Opera.exe
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\trend micro\Tomas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe -h
O4 - HKCU\..\Run: [Quick Starter] C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Dropbox.lnk = Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 10346 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
dashost.exe {7025b403-167d-4221-880b04fa787a3b71}
"C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe" -s DefaultInstance
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000700
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe" /SERVICE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"LogonUI.exe" /flags:0x0
-hiberboot
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
"C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
taskhostex.exe
"C:\Program Files (x86)\Opera\Opera.exe" "https://wifiauth.muni.cz/fs/customwebau ... m/redirect"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Samsung\Settings\sSettings.exe" /s
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe" -h
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Samsung\S Agent\CommonAgent.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Samsung\Support Center\GuaranaAgent.exe"
C:\Windows\System32\skydrive.exe -Embedding
taskhost.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Tomas\AppData\Local\Opera\Opera\temporary_downloads\RSITx64 (1).exe"
rundll32.exe aeinv.dll,UpdateSoftwareInventory
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-08-26 218776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-08-26 2335960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-06-20 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-08-26 1730256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-09-13 2894152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-30 13654744]
"Bitcasa"=C:\Program Files\Bitcasa\Bitcasa.exe [2012-12-27 4365824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-09-25 132736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [2012-05-22 1000288]
"Quick Starter"=C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe [2014-04-29 2358064]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-08-12 751184]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-09-18 766208]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-08-04 161584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-09-25 132736]
C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll [2012-08-06 190480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll [2012-08-06 190480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-09-03 19:54:59 ----D---- C:\ProgramData\Malwarebytes
2014-09-03 17:20:32 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-08-30 13:35:36 ----D---- C:\ProgramData\YTD Video Downloader
2014-08-28 18:03:38 ----D---- C:\WINDOWS\cs
2014-08-28 18:02:38 ----D---- C:\WINDOWS\sk
2014-08-28 18:02:13 ----D---- C:\WINDOWS\sl
2014-08-28 17:59:31 ----D---- C:\WINDOWS\hu
2014-08-28 17:58:30 ----D---- C:\WINDOWS\hr
2014-08-28 17:55:54 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2014-08-28 17:55:54 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2014-08-28 17:55:54 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2014-08-28 17:55:54 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2014-08-28 17:55:51 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2014-08-28 17:55:50 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2014-08-28 17:55:50 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2014-08-28 17:55:45 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_42.dll
2014-08-28 17:55:45 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2014-08-28 17:55:34 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_32.dll
2014-08-28 17:55:34 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2014-08-28 11:01:22 ----A---- C:\WINDOWS\system32\win32k.sys
2014-08-19 22:13:59 ----SHD---- C:\Config.Msi
2014-08-18 21:31:54 ----D---- C:\Titles
2014-08-14 18:37:02 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-08-14 17:50:36 ----D---- C:\Users\Tomas\AppData\Roaming\Avnex
2014-08-14 17:50:36 ----D---- C:\AV_LOGS
2014-08-14 17:48:33 ----D---- C:\Program Files (x86)\AV Vcs 7.0 DIAMOND
2014-08-13 17:48:26 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-08-13 17:48:25 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-08-13 17:48:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-08-13 17:48:22 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-08-13 17:48:21 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-08-13 17:48:20 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-08-13 17:48:14 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-08-13 17:48:13 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-08-13 17:48:11 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-08-13 17:48:11 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-08-13 17:48:11 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-08-13 17:48:11 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-08-13 17:48:10 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-08-13 17:48:09 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-08-13 17:48:08 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-08-13 17:48:08 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-08-13 17:48:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-08-13 17:48:07 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-08-13 17:48:05 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-08-13 17:48:03 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-08-13 17:48:02 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-08-13 17:48:01 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-08-13 17:47:40 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-08-13 17:47:40 ----A---- C:\WINDOWS\system32\wininet.dll
2014-08-13 17:47:40 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-08-13 17:47:39 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-08-13 17:47:39 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-08-13 17:47:38 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 17:47:38 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-13 17:47:37 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-08-13 17:47:37 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-08-13 17:47:35 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-08-13 17:47:35 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-08-13 17:45:42 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2014-08-13 17:45:41 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2014-08-13 17:42:41 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2014-08-13 17:42:41 ----A---- C:\WINDOWS\system32\dxgi.dll
2014-08-13 17:42:41 ----A---- C:\WINDOWS\system32\dwmcore.dll
2014-08-13 17:42:40 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2014-08-13 17:42:39 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-08-13 17:42:29 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2014-08-13 17:42:29 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-13 17:42:01 ----A---- C:\WINDOWS\system32\WpcMon.exe
2014-08-13 17:42:01 ----A---- C:\WINDOWS\system32\Wpc.dll
2014-08-13 17:42:00 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2014-08-13 17:42:00 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2014-08-13 17:41:45 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-08-13 17:41:45 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-13 17:41:45 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-08-13 17:41:26 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-08-13 17:41:26 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-08-13 17:41:25 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-08-13 17:41:24 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-08-13 17:41:23 ----A---- C:\WINDOWS\system32\vpnike.dll
2014-08-13 17:41:23 ----A---- C:\WINDOWS\system32\localspl.dll
2014-08-13 17:41:23 ----A---- C:\WINDOWS\system32\fveapi.dll
2014-08-13 17:41:22 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-08-13 17:41:22 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-08-13 17:41:22 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2014-08-13 17:41:22 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-08-13 17:41:21 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2014-08-13 17:41:21 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-13 17:41:21 ----A---- C:\WINDOWS\system32\framedynos.dll
2014-08-13 17:41:21 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-08-13 17:41:20 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-08-13 17:41:19 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2014-08-13 17:41:18 ----A---- C:\WINDOWS\SYSWOW64\framedynos.dll
2014-08-13 17:41:18 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2014-08-13 17:41:18 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2014-08-13 17:41:18 ----A---- C:\WINDOWS\system32\BFE.DLL
2014-08-13 17:41:18 ----A---- C:\WINDOWS\system32\bdesvc.dll
2014-08-13 17:41:17 ----A---- C:\WINDOWS\system32\winbici.dll
2014-08-13 17:41:17 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2014-08-13 17:41:17 ----A---- C:\WINDOWS\system32\framedyn.dll
2014-08-13 17:41:16 ----A---- C:\WINDOWS\SYSWOW64\ncobjapi.dll
2014-08-13 17:41:16 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2014-08-13 17:41:15 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2014-08-13 17:41:15 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2014-08-13 17:41:15 ----A---- C:\WINDOWS\system32\WebClnt.dll
2014-08-13 17:41:15 ----A---- C:\WINDOWS\system32\Robocopy.exe
2014-08-13 17:41:15 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-13 17:41:14 ----A---- C:\WINDOWS\SYSWOW64\framedyn.dll
2014-08-13 17:41:14 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-08-13 17:41:14 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2014-08-13 17:41:14 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-13 17:41:14 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-13 17:41:13 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc6.dll
2014-08-13 17:41:13 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc.dll
2014-08-13 17:41:13 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2014-08-13 17:41:09 ----A---- C:\WINDOWS\system32\reseteng.dll
2014-08-13 17:41:08 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-08-13 17:41:08 ----A---- C:\WINDOWS\system32\srms.dat
2014-08-13 17:40:39 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-08-13 17:40:38 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-08-13 17:40:32 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-13 17:40:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-08-13 17:40:26 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-08-13 17:40:25 ----AC---- C:\WINDOWS\system32\drivers\usbport.sys
2014-08-13 17:40:25 ----AC---- C:\WINDOWS\system32\drivers\usbhub.sys
2014-08-13 17:40:24 ----AC---- C:\WINDOWS\system32\drivers\usbuhci.sys
2014-08-13 17:40:24 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2014-08-13 17:40:24 ----AC---- C:\WINDOWS\system32\drivers\usbehci.sys
2014-08-13 17:40:24 ----AC---- C:\WINDOWS\system32\drivers\usbd.sys
2014-08-13 17:40:24 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\WUDFSvc.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\WUDFHost.exe
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\rsaenh.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\hal.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\drivers\WUDFRd.sys
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\drivers\WUDFPf.sys
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-13 17:40:23 ----A---- C:\WINDOWS\SYSWOW64\DaOtpCredentialProvider.dll
2014-08-13 17:39:45 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2014-08-13 17:39:42 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-08-13 17:39:35 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-08-13 17:39:35 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-08-13 17:39:23 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-08-13 17:39:23 ----A---- C:\WINDOWS\system32\msi.dll
2014-08-13 17:39:23 ----A---- C:\WINDOWS\system32\authui.dll
2014-08-13 17:39:22 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-08-13 17:39:22 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-08-13 17:39:22 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-08-13 17:39:22 ----A---- C:\WINDOWS\system32\consent.exe
2014-08-13 16:12:36 ----D---- C:\ProgramData\Package Cache
======List of files/folders modified in the last 1 month======
2014-09-05 10:10:39 ----D---- C:\WINDOWS\Prefetch
2014-09-05 10:10:39 ----D---- C:\Program Files\trend micro
2014-09-05 10:10:37 ----D---- C:\WINDOWS\Temp
2014-09-05 10:10:10 ----RD---- C:\Program Files (x86)
2014-09-05 10:10:09 ----D---- C:\WINDOWS\system32\drivers
2014-09-05 10:00:00 ----D---- C:\WINDOWS\system32\sru
2014-09-05 08:53:34 ----D---- C:\ProgramData\WinClon
2014-09-05 08:52:24 ----D---- C:\Users\Tomas\AppData\Roaming\uTorrent
2014-09-04 22:31:43 ----D---- C:\WINDOWS\apppatch
2014-09-04 22:29:06 ----D---- C:\Instal
2014-09-04 22:12:13 ----D---- C:\Users\Tomas\AppData\Roaming\Skype
2014-09-04 16:20:57 ----D---- C:\WINDOWS\Microsoft.NET
2014-09-04 16:19:26 ----D---- C:\WINDOWS\system32\config
2014-09-04 15:17:31 ----D---- C:\ProgramData\firebird
2014-09-03 19:54:59 ----HD---- C:\ProgramData
2014-09-03 18:42:49 ----D---- C:\Users\Tomas\AppData\Roaming\MiniLyrics
2014-09-03 17:23:46 ----AD---- C:\Windows
2014-09-03 17:21:50 ----D---- C:\AdwCleaner
2014-09-03 17:20:32 ----D---- C:\WINDOWS\SysWOW64
2014-09-03 16:57:51 ----D---- C:\Users\Tomas\AppData\Roaming\Dropbox
2014-09-02 23:29:28 ----D---- C:\WINDOWS\WinSxS
2014-09-01 17:31:50 ----D---- C:\WINDOWS\AppReadiness
2014-09-01 12:14:40 ----D---- C:\WINDOWS\Inf
2014-08-31 19:25:28 ----D---- C:\WINDOWS\system32\Tasks
2014-08-31 19:17:10 ----D---- C:\WINDOWS\system32\NDF
2014-08-31 13:38:24 ----D---- C:\WINDOWS\SoftwareDistribution
2014-08-31 11:55:48 ----D---- C:\WINDOWS\Logs
2014-08-31 11:55:48 ----D---- C:\WINDOWS\debug
2014-08-31 10:24:25 ----RD---- C:\WINDOWS\System32
2014-08-30 22:52:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-30 17:46:00 ----SHD---- C:\System Volume Information
2014-08-30 16:42:36 ----RSD---- C:\WINDOWS\assembly
2014-08-30 11:20:27 ----HD---- C:\Program Files\WindowsApps
2014-08-29 21:47:03 ----D---- C:\WINDOWS\CbsTemp
2014-08-28 18:04:01 ----SHD---- C:\WINDOWS\Installer
2014-08-28 18:01:23 ----D---- C:\WINDOWS\en-GB
2014-08-28 17:56:31 ----D---- C:\Program Files (x86)\Windows Live
2014-08-27 16:34:01 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-08-27 16:31:14 ----D---- C:\Program Files\Microsoft Office 15
2014-08-25 20:42:16 ----D---- C:\WINDOWS\system32\wbem
2014-08-25 20:40:17 ----D---- C:\WINDOWS\Tasks
2014-08-25 20:40:17 ----D---- C:\WINDOWS\system32\drivers\UMDF
2014-08-25 20:40:17 ----D---- C:\WINDOWS\system32\catroot2
2014-08-25 20:40:17 ----D---- C:\Users\Tomas\AppData\Roaming\Winamp
2014-08-25 20:40:17 ----D---- C:\Users\Tomas\AppData\Roaming\PhotoFiltre Studio X
2014-08-25 20:40:17 ----D---- C:\Users\Tomas\AppData\Roaming\IrfanView
2014-08-25 20:40:13 ----D---- C:\WINDOWS\system32\CodeIntegrity
2014-08-25 20:39:48 ----D---- C:\Program Files\Virtual Audio Cable
2014-08-25 20:17:46 ----D---- C:\WINDOWS\registration
2014-08-25 20:16:59 ----RD---- C:\Program Files
2014-08-20 21:42:39 ----D---- C:\Program Files (x86)\The KMPlayer
2014-08-19 22:14:31 ----D---- C:\Program Files (x86)\Avira
2014-08-16 07:47:05 ----D---- C:\WINDOWS\system32\DriverStore
2014-08-15 00:24:48 ----D---- C:\WINDOWS\rescache
2014-08-14 23:27:28 ----D---- C:\WINDOWS\system32\catroot
2014-08-14 19:19:47 ----RSD---- C:\WINDOWS\Fonts
2014-08-14 19:14:25 ----D---- C:\Program Files (x86)\Opera
2014-08-14 18:29:53 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-08-14 18:29:53 ----D---- C:\WINDOWS\system32\cs-CZ
2014-08-14 18:29:48 ----D---- C:\Program Files\Internet Explorer
2014-08-14 18:29:48 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-14 18:29:41 ----D---- C:\WINDOWS\PolicyDefinitions
2014-08-14 18:28:39 ----RD---- C:\WINDOWS\ToastData
2014-08-14 18:28:39 ----D---- C:\WINDOWS\system32\migration
2014-08-14 18:28:22 ----D---- C:\WINDOWS\MediaViewer
2014-08-14 18:28:21 ----D---- C:\WINDOWS\SYSWOW64\wbem
2014-08-14 18:28:21 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-08-14 18:28:17 ----D---- C:\WINDOWS\system32\en-US
2014-08-14 18:28:10 ----D---- C:\WINDOWS\Camera
2014-08-14 18:28:09 ----D---- C:\WINDOWS\FileManager
2014-08-14 18:28:04 ----SD---- C:\WINDOWS\system32\CompatTel
2014-08-14 17:46:38 ----D---- C:\Program Files (x86)\Common Files
2014-08-14 17:05:46 ----D---- C:\WINDOWS\system32\MRT
2014-08-14 16:59:00 ----A---- C:\WINDOWS\system32\MRT.exe
2014-08-13 17:35:43 ----A---- C:\WINDOWS\system32\mfps.dll
2014-08-13 16:24:11 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-08-13 16:24:08 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-08-13 16:23:32 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 16:23:32 ----A---- C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 16:23:32 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 16:23:30 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-08-13 16:23:28 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 16:23:25 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-08-13 16:23:24 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-08-13 16:23:24 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-08-13 16:23:21 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-08-13 16:23:21 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-08-13 16:23:10 ----A---- C:\WINDOWS\system32\msrating.dll
2014-08-13 16:23:08 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-08-13 16:13:31 ----D---- C:\ProgramData\Avira
2014-08-06 18:00:12 ----D---- C:\WINDOWS\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2013-07-23 80640]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2013-07-23 25344]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2014-06-03 130584]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2013-11-29 28600]
R1 cbfs3;cbfs3; \??\C:\windows\system32\drivers\cbfs3.sys [2012-08-06 352456]
R1 dtsoftbus01;@oem14.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013-01-27 283200]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 APXACC;@oem33.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2012-06-23 199008]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2014-07-05 117712]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-09-19 12531712]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-09-19 619008]
R3 AthBTPort;@oem8.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-09-25 89800]
R3 AtiHDAudioService;@oem43.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2013-06-22 138240]
R3 BTATH_A2DP;@oem5.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-09-25 338120]
R3 btath_avdt;@oem5.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-09-25 116424]
R3 BTATH_BUS;@oem3.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-09-25 34384]
R3 BTATH_HCRP;@oem10.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-09-25 179432]
R3 BTATH_HID;@oem11.inf,%BTATH_HID%;Bluetooth HID Device; C:\WINDOWS\system32\DRIVERS\btath_hid.sys [2013-09-25 223432]
R3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-09-25 77464]
R3 BTATH_RCP;@oem35.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-09-25 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-09-25 594632]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 ETD;@oem40.inf,%SamsungDeviceDesc%;Samsung TouchPad Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2013-09-10 358192]
R3 EuMusDesignVirtualAudioCableWdm;@oem6.inf,%DeviceName% (WDM);Virtual Audio Cable (WDM); C:\WINDOWS\system32\DRIVERS\vrtaucbl.sys [2014-07-17 66728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-10-02 3678680]
R3 MarvinBus;@oem26.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-24 261120]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
R3 RadioHIDMini;@oem12.inf,%RadioHIDMini%;Radio HID Mini-driver; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [2012-07-27 23408]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 RTL8168;@oem42.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-07-26 827096]
R3 tap0901;@oem45.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
R3 TS_ARN5416;@oem46.inf,%ATHR.Service.DispName%;[CommView] Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\ts_athrx.sys [2013-08-16 3543752]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2013-03-08 58536]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S2 vcs;vcs; \??\C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [2014-08-14 4096]
S3 athr;@oem9.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-08-15 3859968]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-04-11 1200128]
S3 CV2K1;@oem31.inf,%CommView_Desc%;CommView Network Monitor; C:\WINDOWS\system32\DRIVERS\cv2k1.sys []
S3 dg_ssudbus;@oem49.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ewusbnet;@oem55.inf,%qcwwan.Service.DispName%;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2010-03-25 246224]
S3 FTDIBUS;@oem47.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;@oem48.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2010-03-25 117504]
S3 nmwcd;@oem15.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem19.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsucx64;@oem16.inf,%ServiceDisplayName%;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;@oem20.inf,%ServiceDisplayName%;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 rtport;rtport; \??\C:\windows\SysWOW64\drivers\rtport.sys [2012-09-01 15144]
S3 ssudmdm;@oem51.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;@oem52.inf,%ssud.Service.Name%;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudobex.sys [2014-01-22 206080]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\WINDOWS\System32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-09-19 239616]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-08-12 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-08-12 430160]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-09-25 312448]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-08-04 149296]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-08-01 2369720]
R2 Easy Launcher;Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [2014-01-29 1593152]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-09-06 100104]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304]
R2 SWUpdateService;SW Update Service; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [2014-04-04 3020632]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-16 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-01-19 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-29 262320]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-16 116648]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2013-08-22 32568]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-11-23 150600]
-----------------EOF-----------------
Run by Tomas at 2014-09-05 10:10:32
Microsoft Windows 8.1
System drive C: has 258 GB (57%) free of 453 GB
Total RAM: 3560 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:10:41, on 5. 9. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Opera\Opera.exe
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\trend micro\Tomas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe -h
O4 - HKCU\..\Run: [Quick Starter] C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Dropbox.lnk = Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 10346 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
dashost.exe {7025b403-167d-4221-880b04fa787a3b71}
"C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe" -s DefaultInstance
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000700
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe" /SERVICE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"LogonUI.exe" /flags:0x0
-hiberboot
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
"C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
taskhostex.exe
"C:\Program Files (x86)\Opera\Opera.exe" "https://wifiauth.muni.cz/fs/customwebau ... m/redirect"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Samsung\Settings\sSettings.exe" /s
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe" -h
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Samsung\S Agent\CommonAgent.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Samsung\Support Center\GuaranaAgent.exe"
C:\Windows\System32\skydrive.exe -Embedding
taskhost.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Tomas\AppData\Local\Opera\Opera\temporary_downloads\RSITx64 (1).exe"
rundll32.exe aeinv.dll,UpdateSoftwareInventory
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-08-26 218776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-08-26 2335960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-06-20 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-08-26 1730256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-09-13 2894152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-30 13654744]
"Bitcasa"=C:\Program Files\Bitcasa\Bitcasa.exe [2012-12-27 4365824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-09-25 132736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [2012-05-22 1000288]
"Quick Starter"=C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe [2014-04-29 2358064]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-08-12 751184]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-09-18 766208]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-08-04 161584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-09-25 132736]
C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll [2012-08-06 190480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll [2012-08-06 190480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-09-03 19:54:59 ----D---- C:\ProgramData\Malwarebytes
2014-09-03 17:20:32 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-08-30 13:35:36 ----D---- C:\ProgramData\YTD Video Downloader
2014-08-28 18:03:38 ----D---- C:\WINDOWS\cs
2014-08-28 18:02:38 ----D---- C:\WINDOWS\sk
2014-08-28 18:02:13 ----D---- C:\WINDOWS\sl
2014-08-28 17:59:31 ----D---- C:\WINDOWS\hu
2014-08-28 17:58:30 ----D---- C:\WINDOWS\hr
2014-08-28 17:55:54 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2014-08-28 17:55:54 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2014-08-28 17:55:54 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2014-08-28 17:55:54 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2014-08-28 17:55:51 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2014-08-28 17:55:50 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2014-08-28 17:55:50 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2014-08-28 17:55:45 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_42.dll
2014-08-28 17:55:45 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2014-08-28 17:55:34 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_32.dll
2014-08-28 17:55:34 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2014-08-28 11:01:22 ----A---- C:\WINDOWS\system32\win32k.sys
2014-08-19 22:13:59 ----SHD---- C:\Config.Msi
2014-08-18 21:31:54 ----D---- C:\Titles
2014-08-14 18:37:02 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-08-14 17:50:36 ----D---- C:\Users\Tomas\AppData\Roaming\Avnex
2014-08-14 17:50:36 ----D---- C:\AV_LOGS
2014-08-14 17:48:33 ----D---- C:\Program Files (x86)\AV Vcs 7.0 DIAMOND
2014-08-13 17:48:26 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-08-13 17:48:25 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-08-13 17:48:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-08-13 17:48:22 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-08-13 17:48:21 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-08-13 17:48:20 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-08-13 17:48:14 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-08-13 17:48:13 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-08-13 17:48:11 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-08-13 17:48:11 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-08-13 17:48:11 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-08-13 17:48:11 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-08-13 17:48:10 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-08-13 17:48:09 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-08-13 17:48:08 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-08-13 17:48:08 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-08-13 17:48:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-08-13 17:48:07 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-08-13 17:48:05 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-08-13 17:48:03 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-08-13 17:48:02 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-08-13 17:48:01 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-08-13 17:47:40 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-08-13 17:47:40 ----A---- C:\WINDOWS\system32\wininet.dll
2014-08-13 17:47:40 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-08-13 17:47:39 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-08-13 17:47:39 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-08-13 17:47:38 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 17:47:38 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-13 17:47:37 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-08-13 17:47:37 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-08-13 17:47:35 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-08-13 17:47:35 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-08-13 17:45:42 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2014-08-13 17:45:41 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2014-08-13 17:42:41 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2014-08-13 17:42:41 ----A---- C:\WINDOWS\system32\dxgi.dll
2014-08-13 17:42:41 ----A---- C:\WINDOWS\system32\dwmcore.dll
2014-08-13 17:42:40 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2014-08-13 17:42:39 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-08-13 17:42:29 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2014-08-13 17:42:29 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-13 17:42:01 ----A---- C:\WINDOWS\system32\WpcMon.exe
2014-08-13 17:42:01 ----A---- C:\WINDOWS\system32\Wpc.dll
2014-08-13 17:42:00 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2014-08-13 17:42:00 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2014-08-13 17:41:45 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-08-13 17:41:45 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-13 17:41:45 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-08-13 17:41:26 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-08-13 17:41:26 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-08-13 17:41:25 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-08-13 17:41:24 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-08-13 17:41:23 ----A---- C:\WINDOWS\system32\vpnike.dll
2014-08-13 17:41:23 ----A---- C:\WINDOWS\system32\localspl.dll
2014-08-13 17:41:23 ----A---- C:\WINDOWS\system32\fveapi.dll
2014-08-13 17:41:22 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-08-13 17:41:22 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-08-13 17:41:22 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2014-08-13 17:41:22 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-08-13 17:41:21 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2014-08-13 17:41:21 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-13 17:41:21 ----A---- C:\WINDOWS\system32\framedynos.dll
2014-08-13 17:41:21 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-08-13 17:41:20 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-08-13 17:41:19 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2014-08-13 17:41:18 ----A---- C:\WINDOWS\SYSWOW64\framedynos.dll
2014-08-13 17:41:18 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2014-08-13 17:41:18 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2014-08-13 17:41:18 ----A---- C:\WINDOWS\system32\BFE.DLL
2014-08-13 17:41:18 ----A---- C:\WINDOWS\system32\bdesvc.dll
2014-08-13 17:41:17 ----A---- C:\WINDOWS\system32\winbici.dll
2014-08-13 17:41:17 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2014-08-13 17:41:17 ----A---- C:\WINDOWS\system32\framedyn.dll
2014-08-13 17:41:16 ----A---- C:\WINDOWS\SYSWOW64\ncobjapi.dll
2014-08-13 17:41:16 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2014-08-13 17:41:15 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2014-08-13 17:41:15 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2014-08-13 17:41:15 ----A---- C:\WINDOWS\system32\WebClnt.dll
2014-08-13 17:41:15 ----A---- C:\WINDOWS\system32\Robocopy.exe
2014-08-13 17:41:15 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-13 17:41:14 ----A---- C:\WINDOWS\SYSWOW64\framedyn.dll
2014-08-13 17:41:14 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-08-13 17:41:14 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2014-08-13 17:41:14 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-13 17:41:14 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-13 17:41:13 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc6.dll
2014-08-13 17:41:13 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc.dll
2014-08-13 17:41:13 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2014-08-13 17:41:09 ----A---- C:\WINDOWS\system32\reseteng.dll
2014-08-13 17:41:08 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-08-13 17:41:08 ----A---- C:\WINDOWS\system32\srms.dat
2014-08-13 17:40:39 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-08-13 17:40:38 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-08-13 17:40:32 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-13 17:40:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-08-13 17:40:26 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-08-13 17:40:25 ----AC---- C:\WINDOWS\system32\drivers\usbport.sys
2014-08-13 17:40:25 ----AC---- C:\WINDOWS\system32\drivers\usbhub.sys
2014-08-13 17:40:24 ----AC---- C:\WINDOWS\system32\drivers\usbuhci.sys
2014-08-13 17:40:24 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2014-08-13 17:40:24 ----AC---- C:\WINDOWS\system32\drivers\usbehci.sys
2014-08-13 17:40:24 ----AC---- C:\WINDOWS\system32\drivers\usbd.sys
2014-08-13 17:40:24 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\WUDFSvc.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\WUDFHost.exe
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\rsaenh.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\hal.dll
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\drivers\WUDFRd.sys
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\drivers\WUDFPf.sys
2014-08-13 17:40:24 ----A---- C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-13 17:40:23 ----A---- C:\WINDOWS\SYSWOW64\DaOtpCredentialProvider.dll
2014-08-13 17:39:45 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2014-08-13 17:39:42 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-08-13 17:39:35 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-08-13 17:39:35 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-08-13 17:39:23 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-08-13 17:39:23 ----A---- C:\WINDOWS\system32\msi.dll
2014-08-13 17:39:23 ----A---- C:\WINDOWS\system32\authui.dll
2014-08-13 17:39:22 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-08-13 17:39:22 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-08-13 17:39:22 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-08-13 17:39:22 ----A---- C:\WINDOWS\system32\consent.exe
2014-08-13 16:12:36 ----D---- C:\ProgramData\Package Cache
======List of files/folders modified in the last 1 month======
2014-09-05 10:10:39 ----D---- C:\WINDOWS\Prefetch
2014-09-05 10:10:39 ----D---- C:\Program Files\trend micro
2014-09-05 10:10:37 ----D---- C:\WINDOWS\Temp
2014-09-05 10:10:10 ----RD---- C:\Program Files (x86)
2014-09-05 10:10:09 ----D---- C:\WINDOWS\system32\drivers
2014-09-05 10:00:00 ----D---- C:\WINDOWS\system32\sru
2014-09-05 08:53:34 ----D---- C:\ProgramData\WinClon
2014-09-05 08:52:24 ----D---- C:\Users\Tomas\AppData\Roaming\uTorrent
2014-09-04 22:31:43 ----D---- C:\WINDOWS\apppatch
2014-09-04 22:29:06 ----D---- C:\Instal
2014-09-04 22:12:13 ----D---- C:\Users\Tomas\AppData\Roaming\Skype
2014-09-04 16:20:57 ----D---- C:\WINDOWS\Microsoft.NET
2014-09-04 16:19:26 ----D---- C:\WINDOWS\system32\config
2014-09-04 15:17:31 ----D---- C:\ProgramData\firebird
2014-09-03 19:54:59 ----HD---- C:\ProgramData
2014-09-03 18:42:49 ----D---- C:\Users\Tomas\AppData\Roaming\MiniLyrics
2014-09-03 17:23:46 ----AD---- C:\Windows
2014-09-03 17:21:50 ----D---- C:\AdwCleaner
2014-09-03 17:20:32 ----D---- C:\WINDOWS\SysWOW64
2014-09-03 16:57:51 ----D---- C:\Users\Tomas\AppData\Roaming\Dropbox
2014-09-02 23:29:28 ----D---- C:\WINDOWS\WinSxS
2014-09-01 17:31:50 ----D---- C:\WINDOWS\AppReadiness
2014-09-01 12:14:40 ----D---- C:\WINDOWS\Inf
2014-08-31 19:25:28 ----D---- C:\WINDOWS\system32\Tasks
2014-08-31 19:17:10 ----D---- C:\WINDOWS\system32\NDF
2014-08-31 13:38:24 ----D---- C:\WINDOWS\SoftwareDistribution
2014-08-31 11:55:48 ----D---- C:\WINDOWS\Logs
2014-08-31 11:55:48 ----D---- C:\WINDOWS\debug
2014-08-31 10:24:25 ----RD---- C:\WINDOWS\System32
2014-08-30 22:52:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-30 17:46:00 ----SHD---- C:\System Volume Information
2014-08-30 16:42:36 ----RSD---- C:\WINDOWS\assembly
2014-08-30 11:20:27 ----HD---- C:\Program Files\WindowsApps
2014-08-29 21:47:03 ----D---- C:\WINDOWS\CbsTemp
2014-08-28 18:04:01 ----SHD---- C:\WINDOWS\Installer
2014-08-28 18:01:23 ----D---- C:\WINDOWS\en-GB
2014-08-28 17:56:31 ----D---- C:\Program Files (x86)\Windows Live
2014-08-27 16:34:01 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-08-27 16:31:14 ----D---- C:\Program Files\Microsoft Office 15
2014-08-25 20:42:16 ----D---- C:\WINDOWS\system32\wbem
2014-08-25 20:40:17 ----D---- C:\WINDOWS\Tasks
2014-08-25 20:40:17 ----D---- C:\WINDOWS\system32\drivers\UMDF
2014-08-25 20:40:17 ----D---- C:\WINDOWS\system32\catroot2
2014-08-25 20:40:17 ----D---- C:\Users\Tomas\AppData\Roaming\Winamp
2014-08-25 20:40:17 ----D---- C:\Users\Tomas\AppData\Roaming\PhotoFiltre Studio X
2014-08-25 20:40:17 ----D---- C:\Users\Tomas\AppData\Roaming\IrfanView
2014-08-25 20:40:13 ----D---- C:\WINDOWS\system32\CodeIntegrity
2014-08-25 20:39:48 ----D---- C:\Program Files\Virtual Audio Cable
2014-08-25 20:17:46 ----D---- C:\WINDOWS\registration
2014-08-25 20:16:59 ----RD---- C:\Program Files
2014-08-20 21:42:39 ----D---- C:\Program Files (x86)\The KMPlayer
2014-08-19 22:14:31 ----D---- C:\Program Files (x86)\Avira
2014-08-16 07:47:05 ----D---- C:\WINDOWS\system32\DriverStore
2014-08-15 00:24:48 ----D---- C:\WINDOWS\rescache
2014-08-14 23:27:28 ----D---- C:\WINDOWS\system32\catroot
2014-08-14 19:19:47 ----RSD---- C:\WINDOWS\Fonts
2014-08-14 19:14:25 ----D---- C:\Program Files (x86)\Opera
2014-08-14 18:29:53 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-08-14 18:29:53 ----D---- C:\WINDOWS\system32\cs-CZ
2014-08-14 18:29:48 ----D---- C:\Program Files\Internet Explorer
2014-08-14 18:29:48 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-14 18:29:41 ----D---- C:\WINDOWS\PolicyDefinitions
2014-08-14 18:28:39 ----RD---- C:\WINDOWS\ToastData
2014-08-14 18:28:39 ----D---- C:\WINDOWS\system32\migration
2014-08-14 18:28:22 ----D---- C:\WINDOWS\MediaViewer
2014-08-14 18:28:21 ----D---- C:\WINDOWS\SYSWOW64\wbem
2014-08-14 18:28:21 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-08-14 18:28:17 ----D---- C:\WINDOWS\system32\en-US
2014-08-14 18:28:10 ----D---- C:\WINDOWS\Camera
2014-08-14 18:28:09 ----D---- C:\WINDOWS\FileManager
2014-08-14 18:28:04 ----SD---- C:\WINDOWS\system32\CompatTel
2014-08-14 17:46:38 ----D---- C:\Program Files (x86)\Common Files
2014-08-14 17:05:46 ----D---- C:\WINDOWS\system32\MRT
2014-08-14 16:59:00 ----A---- C:\WINDOWS\system32\MRT.exe
2014-08-13 17:35:43 ----A---- C:\WINDOWS\system32\mfps.dll
2014-08-13 16:24:11 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-08-13 16:24:08 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-08-13 16:23:32 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 16:23:32 ----A---- C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 16:23:32 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 16:23:30 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-08-13 16:23:28 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 16:23:25 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-08-13 16:23:24 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-08-13 16:23:24 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-08-13 16:23:21 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-08-13 16:23:21 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-08-13 16:23:10 ----A---- C:\WINDOWS\system32\msrating.dll
2014-08-13 16:23:08 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-08-13 16:13:31 ----D---- C:\ProgramData\Avira
2014-08-06 18:00:12 ----D---- C:\WINDOWS\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2013-07-23 80640]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2013-07-23 25344]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2014-06-03 130584]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2013-11-29 28600]
R1 cbfs3;cbfs3; \??\C:\windows\system32\drivers\cbfs3.sys [2012-08-06 352456]
R1 dtsoftbus01;@oem14.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013-01-27 283200]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 APXACC;@oem33.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2012-06-23 199008]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2014-07-05 117712]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-09-19 12531712]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-09-19 619008]
R3 AthBTPort;@oem8.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-09-25 89800]
R3 AtiHDAudioService;@oem43.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2013-06-22 138240]
R3 BTATH_A2DP;@oem5.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-09-25 338120]
R3 btath_avdt;@oem5.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-09-25 116424]
R3 BTATH_BUS;@oem3.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-09-25 34384]
R3 BTATH_HCRP;@oem10.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-09-25 179432]
R3 BTATH_HID;@oem11.inf,%BTATH_HID%;Bluetooth HID Device; C:\WINDOWS\system32\DRIVERS\btath_hid.sys [2013-09-25 223432]
R3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-09-25 77464]
R3 BTATH_RCP;@oem35.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-09-25 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-09-25 594632]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 ETD;@oem40.inf,%SamsungDeviceDesc%;Samsung TouchPad Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2013-09-10 358192]
R3 EuMusDesignVirtualAudioCableWdm;@oem6.inf,%DeviceName% (WDM);Virtual Audio Cable (WDM); C:\WINDOWS\system32\DRIVERS\vrtaucbl.sys [2014-07-17 66728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-10-02 3678680]
R3 MarvinBus;@oem26.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-24 261120]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
R3 RadioHIDMini;@oem12.inf,%RadioHIDMini%;Radio HID Mini-driver; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [2012-07-27 23408]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 RTL8168;@oem42.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-07-26 827096]
R3 tap0901;@oem45.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
R3 TS_ARN5416;@oem46.inf,%ATHR.Service.DispName%;[CommView] Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\ts_athrx.sys [2013-08-16 3543752]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2013-03-08 58536]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S2 vcs;vcs; \??\C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [2014-08-14 4096]
S3 athr;@oem9.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-08-15 3859968]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-04-11 1200128]
S3 CV2K1;@oem31.inf,%CommView_Desc%;CommView Network Monitor; C:\WINDOWS\system32\DRIVERS\cv2k1.sys []
S3 dg_ssudbus;@oem49.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ewusbnet;@oem55.inf,%qcwwan.Service.DispName%;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2010-03-25 246224]
S3 FTDIBUS;@oem47.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;@oem48.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2010-03-25 117504]
S3 nmwcd;@oem15.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem19.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsucx64;@oem16.inf,%ServiceDisplayName%;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;@oem20.inf,%ServiceDisplayName%;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 rtport;rtport; \??\C:\windows\SysWOW64\drivers\rtport.sys [2012-09-01 15144]
S3 ssudmdm;@oem51.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;@oem52.inf,%ssud.Service.Name%;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudobex.sys [2014-01-22 206080]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\WINDOWS\System32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-09-19 239616]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-08-12 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-08-12 430160]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-09-25 312448]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-08-04 149296]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-08-01 2369720]
R2 Easy Launcher;Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [2014-01-29 1593152]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-09-06 100104]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304]
R2 SWUpdateService;SW Update Service; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [2014-04-04 3020632]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-16 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-01-19 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-29 262320]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-16 116648]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2013-08-22 32568]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-11-23 150600]
-----------------EOF-----------------
Re: preventivka
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivka
OTL logfile created on: 6. 9. 2014 0:41:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tomas\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy
3,48 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,51% Memory free
4,48 Gb Paging File | 2,18 Gb Available in Paging File | 48,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442,19 Gb Total Space | 251,50 Gb Free Space | 56,88% Space Free | Partition Type: NTFS
Computer Name: TOM | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/09/06 00:39:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
PRC - [2014/08/12 21:01:28 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014/08/12 21:01:00 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014/08/04 14:20:42 | 000,161,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2014/08/04 14:20:40 | 000,149,296 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2014/07/30 02:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/07/22 06:20:14 | 010,215,024 | ---- | M] (PandoraTV) -- C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
PRC - [2014/04/22 23:46:25 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2014/04/04 16:38:40 | 003,020,632 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
PRC - [2014/01/29 13:20:52 | 001,593,152 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
PRC - [2014/01/29 13:20:50 | 000,084,800 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
PRC - [2014/01/29 13:20:42 | 002,623,296 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe
PRC - [2013/12/18 11:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/17 12:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2013/09/25 03:43:56 | 000,323,584 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010/09/17 12:14:50 | 000,098,304 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
PRC - [2010/09/17 12:14:42 | 003,735,552 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
========== Modules (No Company Name) ==========
MOD - [2014/09/05 23:46:53 | 000,043,008 | ---- | M] () -- c:\users\tomas\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwitbow.dll
MOD - [2014/08/23 17:01:44 | 000,146,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\8e945b32dd6b4b00c900f6c01c0f3c62\System.Numerics.ni.dll
MOD - [2014/08/04 14:20:40 | 000,139,056 | ---- | M] () -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
MOD - [2014/07/30 02:20:20 | 003,610,624 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014/04/22 23:46:37 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2014/04/22 23:46:37 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2014/04/22 23:46:37 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2014/04/22 23:46:37 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2014/04/22 23:46:37 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2014/04/22 23:46:37 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2014/04/22 23:46:37 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2014/04/22 23:46:37 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2014/04/22 23:46:36 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2014/04/22 23:46:36 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2014/04/22 23:46:36 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2014/04/22 23:46:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2014/04/11 13:12:30 | 007,802,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\77bc1a994f64193efc124c297b93fdb7\System.Xml.ni.dll
MOD - [2014/04/11 13:12:23 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\10483ca149b5c651d217edbf2f3169b4\System.Xaml.ni.dll
MOD - [2014/04/11 13:12:20 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\635558b506364815e8348217e86fdf99\System.Windows.Forms.ni.dll
MOD - [2014/04/11 13:05:26 | 000,219,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\5e015d37aa3fdc75648e9d00d44d13ac\System.ServiceProcess.ni.dll
MOD - [2014/04/11 13:05:25 | 019,566,080 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\4c3126aec3364546e4ade89c24c4e742\System.ServiceModel.ni.dll
MOD - [2014/04/11 13:05:05 | 002,804,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\183eaaded316165bfbd32a991e4e8c8a\System.Runtime.Serialization.ni.dll
MOD - [2014/04/11 13:04:58 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\ddb52221ad0200b7c2e0a308e47d5c7c\System.Drawing.ni.dll
MOD - [2014/04/11 13:04:55 | 007,385,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\8a7f63a63249ceccb5c51a9a372aaf64\System.Data.ni.dll
MOD - [2014/04/11 13:04:47 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\c5bf2f5c3e13726b3984a900221e1778\System.Configuration.ni.dll
MOD - [2014/04/11 13:04:46 | 000,463,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\e1c86f334a29d92ca264950085cd817e\PresentationFramework.Aero2.ni.dll
MOD - [2014/04/11 13:04:45 | 018,744,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\92388fbe99436e6ed1f56ee56f10c565\PresentationFramework.ni.dll
MOD - [2014/04/11 13:04:23 | 011,027,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\619034abb9a9fb1b3dc32c0a9aa38d3c\PresentationCore.ni.dll
MOD - [2014/04/11 11:00:14 | 003,957,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\9bbf715cfb5360c95acd27b199083854\WindowsBase.ni.dll
MOD - [2014/04/11 11:00:02 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\c1194e56644c7688e7eb0f68a57dcc30\System.Core.ni.dll
MOD - [2014/04/11 10:59:53 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c24d08cc4e93fc4f6f15a637b00a2721\System.ni.dll
MOD - [2014/01/29 13:20:54 | 000,109,888 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
MOD - [2014/01/29 13:20:48 | 000,211,064 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
MOD - [2014/01/29 13:20:42 | 000,059,712 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
MOD - [2014/01/29 13:20:38 | 000,102,720 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
MOD - [2014/01/29 13:20:36 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
MOD - [2014/01/27 13:52:41 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2013/08/23 21:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/01/18 09:47:48 | 004,548,096 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\libcodec.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/08/13 16:23:32 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/08/01 00:12:28 | 002,369,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/04/06 13:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/04/03 04:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/24 04:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/24 04:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 08:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 07:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 17:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 11:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 11:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 11:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 11:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 11:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/10 09:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/23 06:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/09/19 06:32:20 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/09/06 14:51:18 | 000,100,104 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV:64bit: - [2013/08/22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/08/29 19:46:53 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/08/12 21:01:28 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/08/12 21:01:00 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014/08/04 14:20:40 | 000,149,296 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014/04/04 16:38:40 | 003,020,632 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe -- (SWUpdateService)
SRV - [2014/03/14 08:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/01/29 13:20:52 | 001,593,152 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher)
SRV - [2013/12/18 11:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/17 12:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/25 04:08:56 | 000,312,448 | ---- | M] (Windows (R) Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/09/25 03:43:56 | 000,323,584 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2013/08/22 15:10:14 | 000,032,568 | ---- | M] (The OpenVPN Project) [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2013/08/22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2010/09/17 12:14:50 | 000,098,304 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2010/09/17 12:14:42 | 003,735,552 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/07/17 20:08:21 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2014/07/05 23:09:43 | 000,117,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014/06/03 21:39:37 | 000,130,584 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014/05/31 12:07:07 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/05/01 15:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/01 08:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/03/24 04:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/24 04:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/24 04:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/20 05:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 22:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/22 18:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 17:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 17:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 17:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/22 17:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 09:52:12 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudobex.sys -- (ssudobex)
DRV:64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/12/04 20:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/29 16:59:30 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013/11/16 19:21:31 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/11 04:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 13:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/09/30 06:06:51 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/30 05:58:15 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/30 05:58:11 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/25 03:45:26 | 000,594,632 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/09/25 03:45:26 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/09/25 03:45:24 | 000,338,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/09/25 03:45:24 | 000,223,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hid.sys -- (BTATH_HID)
DRV:64bit: - [2013/09/25 03:45:24 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/09/25 03:45:24 | 000,116,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/09/25 03:45:24 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/09/25 03:45:24 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/09/25 03:45:24 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/09/19 07:39:28 | 012,531,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/09/19 06:04:26 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/09/10 16:37:02 | 000,358,192 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 14:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:40:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013/08/22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/16 11:40:57 | 003,543,752 | ---- | M] (TamoSoft) [CommView] Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ts_athrx.sys -- (TS_ARN5416)
DRV:64bit: - [2013/08/15 21:13:30 | 003,859,968 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/26 16:07:30 | 000,827,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/23 14:37:20 | 000,025,344 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2013/07/23 14:37:18 | 000,080,640 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/06/22 13:49:50 | 000,138,240 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWB6.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/03/08 17:47:50 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2013/01/27 19:33:26 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/06 12:37:08 | 000,352,456 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cbfs3.sys -- (cbfs3)
DRV:64bit: - [2012/07/27 14:00:03 | 000,023,408 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RadioHIDMini.sys -- (RadioHIDMini)
DRV:64bit: - [2012/06/23 06:23:38 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2011/08/17 11:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011/08/17 11:04:28 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011/08/17 10:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/08/17 10:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/08/17 10:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/08/17 10:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/03/18 14:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/03/18 14:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2010/03/25 18:09:36 | 000,246,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010/03/25 18:09:36 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2005/09/24 00:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2014/08/14 17:46:38 | 000,004,096 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Common Files\Avnex\vcs64.sys -- (vcs)
DRV - [2012/09/01 11:50:05 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1499688777-3318823800-151401397-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1499688777-3318823800-151401397-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1499688777-3318823800-151401397-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1499688777-3318823800-151401397-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2013/01/24 18:53:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions
[2013/01/24 18:53:28 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2014/03/30 15:08:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávánà Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Peněženka Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/04/23 20:16:33 | 000,000,000 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Bitcasa] C:\Program Files\Bitcasa\Bitcasa.exe (Bitcasa, Inc)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1499688777-3318823800-151401397-1001..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe (AppEx Networks Corporation)
O4 - HKU\S-1-5-21-1499688777-3318823800-151401397-1001..\Run: [Quick Starter] C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe (Samsung Electronics CO., LTD.)
O4 - Startup: C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.146.135.10 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{281DA9CF-B411-4B71-A889-91B468DE9603}: DhcpNameServer = 88.146.135.10 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8BC18B0-CA29-4825-A3D8-26E9392B62C1}: DhcpNameServer = 212.73.32.3 212.73.32.67
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC6775B6-70D3-49B0-837A-3C32B84811C4}: DhcpNameServer = 147.251.4.33 147.251.6.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F56605E8-0E30-45B6-A6A6-99372712EDE3}: DhcpNameServer = 147.251.6.10 147.251.4.33
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{18a68b29-1bbd-11e4-bf1a-50b7c33aa934}\Shell - "" = AutoRun
O33 - MountPoints2\{18a68b29-1bbd-11e4-bf1a-50b7c33aa934}\Shell\AutoRun\command - "" = "D:\setup_vmb_lite.exe" /checkApplicationPresence
O33 - MountPoints2\{18a68b77-1bbd-11e4-bf1a-50b7c33aa934}\Shell - "" = AutoRun
O33 - MountPoints2\{18a68b77-1bbd-11e4-bf1a-50b7c33aa934}\Shell\AutoRun\command - "" = "D:\setup_vmb_lite.exe" /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\WINDOWS\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - C:\WINDOWS\SysWow64\pvmjpg30.dll (Pegasus Imaging Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/09/06 00:39:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
[2014/09/05 16:53:48 | 000,000,000 | R--D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/09/03 19:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/09/03 17:20:32 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/08/30 13:35:36 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2014/08/30 13:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2014/08/30 12:19:46 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Adobe
[2014/08/28 18:03:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\cs
[2014/08/28 18:02:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\sk
[2014/08/28 18:02:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\sl
[2014/08/28 17:59:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\hu
[2014/08/28 17:58:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\hr
[2014/08/28 17:55:54 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_7.dll
[2014/08/28 17:55:54 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_7.dll
[2014/08/28 17:55:54 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_5.dll
[2014/08/28 17:55:54 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_5.dll
[2014/08/28 17:55:51 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_43.dll
[2014/08/28 17:55:50 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_43.dll
[2014/08/28 17:55:50 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_43.dll
[2014/08/28 17:55:45 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_42.dll
[2014/08/28 17:55:45 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_42.dll
[2014/08/28 17:55:34 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_32.dll
[2014/08/28 17:55:34 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_32.dll
[2014/08/24 17:36:27 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Windows Live
[2014/08/19 22:13:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/08/18 21:31:54 | 000,000,000 | ---D | C] -- C:\Titles
[2014/08/18 21:21:52 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\UpdateTitle2-9
[2014/08/14 22:58:09 | 000,724,992 | ---- | C] (CurveRadio) -- C:\Users\Tomas\Desktop\CurveRadio Desktop App.exe
[2014/08/14 19:27:10 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAM Broadcaster
[2014/08/14 18:37:02 | 000,704,480 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/08/14 18:37:02 | 000,105,440 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/08/14 17:50:36 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Avnex
[2014/08/14 17:50:36 | 000,000,000 | ---D | C] -- C:\AV_LOGS
[2014/08/14 17:49:15 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Voice Changer Software DIAMOND
[2014/08/14 17:48:54 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Application Data
[2014/08/14 17:48:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AV Vcs 7.0 DIAMOND
[2014/08/14 17:46:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Avnex
[2014/08/13 17:48:23 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/08/13 17:48:21 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/08/13 17:48:15 | 002,087,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/08/13 17:48:11 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/08/13 17:48:10 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/08/13 17:48:09 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/08/13 17:48:08 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/08/13 17:48:08 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/08/13 17:48:07 | 005,824,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/08/13 17:48:07 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/08/13 17:48:03 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/08/13 17:48:02 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/08/13 17:47:39 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/08/13 17:47:38 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/08/13 17:47:38 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/08/13 17:47:37 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014/08/13 17:47:37 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014/08/13 17:47:35 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/08/13 17:45:42 | 001,273,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2014/08/13 17:42:41 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/08/13 17:42:41 | 000,517,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/08/13 17:42:29 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2014/08/13 17:42:29 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2014/08/13 17:42:01 | 003,118,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2014/08/13 17:42:01 | 003,048,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2014/08/13 17:42:00 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll
[2014/08/13 17:42:00 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2014/08/13 17:41:45 | 004,756,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/08/13 17:41:45 | 001,120,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/08/13 17:41:45 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/08/13 17:41:26 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/08/13 17:41:26 | 002,125,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2014/08/13 17:41:24 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/08/13 17:41:23 | 001,025,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/08/13 17:41:23 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014/08/13 17:41:23 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2014/08/13 17:41:22 | 002,844,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/08/13 17:41:22 | 001,726,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014/08/13 17:41:21 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll
[2014/08/13 17:41:21 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/08/13 17:41:20 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/08/13 17:41:19 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2014/08/13 17:41:18 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll
[2014/08/13 17:41:18 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2014/08/13 17:41:17 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedyn.dll
[2014/08/13 17:41:17 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/08/13 17:41:17 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll
[2014/08/13 17:41:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll
[2014/08/13 17:41:15 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe
[2014/08/13 17:41:15 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe
[2014/08/13 17:41:14 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedyn.dll
[2014/08/13 17:41:14 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe
[2014/08/13 17:41:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll
[2014/08/13 17:41:09 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014/08/13 17:40:39 | 000,697,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/08/13 17:40:38 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014/08/13 17:40:32 | 016,871,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/08/13 17:40:28 | 012,711,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/08/13 17:40:25 | 000,440,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys
[2014/08/13 17:40:24 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/08/13 17:40:24 | 000,423,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2014/08/13 17:40:24 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DaOtpCredentialProvider.dll
[2014/08/13 17:40:24 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFHost.exe
[2014/08/13 17:40:24 | 000,216,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2014/08/13 17:40:24 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFPlatform.dll
[2014/08/13 17:40:24 | 000,027,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys
[2014/08/13 17:40:23 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DaOtpCredentialProvider.dll
[2014/08/13 17:39:45 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/08/13 17:39:42 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/08/13 17:39:35 | 001,336,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014/08/13 17:39:23 | 002,790,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2014/08/13 17:39:23 | 002,642,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/08/13 17:39:23 | 002,318,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/08/13 17:39:22 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll
[2014/08/13 17:39:22 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll
[2014/08/13 17:39:22 | 000,114,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2014/08/13 16:12:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/08/09 10:42:24 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\beach tournament
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/09/06 00:44:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/09/06 00:43:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/09/06 00:41:12 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/06 00:39:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
[2014/09/05 23:41:45 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/09/05 19:41:01 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/09/05 19:41:01 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/04 23:24:19 | 000,071,568 | ---- | M] () -- C:\Users\Tomas\Documents\rec_VcsCore_23-24-11.mp3
[2014/09/04 22:31:50 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/09/04 22:31:49 | 2986,688,512 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/04 15:49:05 | 000,172,872 | ---- | M] () -- C:\Users\Tomas\Documents\rec_VcsCore_15-48-49.mp3
[2014/09/03 17:17:03 | 001,370,467 | ---- | M] () -- C:\Users\Tomas\Desktop\adwcleaner_3.309.exe
[2014/08/31 10:27:04 | 000,625,048 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/08/30 22:52:57 | 001,745,984 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/08/30 22:52:57 | 000,739,924 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2014/08/30 22:52:57 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/08/30 22:52:57 | 000,151,610 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2014/08/30 22:52:57 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/08/30 13:35:32 | 000,001,305 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2014/08/28 20:27:52 | 000,022,810 | ---- | M] () -- C:\Users\Tomas\Desktop\Můj film.wlmp
[2014/08/20 21:42:37 | 000,001,051 | ---- | M] () -- C:\Users\Tomas\Desktop\KMPlayer.lnk
[2014/08/19 22:14:33 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2014/08/18 21:20:59 | 000,232,627 | ---- | M] () -- C:\Users\Tomas\Desktop\UpdateTitle2-9.zip
[2014/08/15 17:42:02 | 000,067,816 | ---- | M] () -- C:\Users\Tomas\Desktop\This_is_czech_pinkney_on_curveradio_plain-voice.mp3
[2014/08/14 22:58:10 | 000,724,992 | ---- | M] (CurveRadio) -- C:\Users\Tomas\Desktop\CurveRadio Desktop App.exe
[2014/08/14 22:33:20 | 000,001,094 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/08/14 22:32:56 | 000,001,062 | ---- | M] () -- C:\Users\Tomas\Desktop\Dropbox.lnk
[2014/08/14 19:27:12 | 000,002,030 | ---- | M] () -- C:\Users\Tomas\Desktop\SAM Broadcaster.lnk
[2014/08/14 18:13:37 | 000,035,280 | ---- | M] () -- C:\Users\Tomas\Documents\rec_VcsCore_18-13-32.mp3
[2014/08/14 18:11:00 | 000,049,392 | ---- | M] () -- C:\Users\Tomas\Documents\rec_VcsCore_18-10-43.mp3
[2014/08/14 18:10:42 | 000,041,328 | ---- | M] () -- C:\Users\Tomas\Documents\rec_VcsCore_18-10-37.mp3
[2014/08/14 17:54:02 | 000,067,536 | ---- | M] () -- C:\Users\Tomas\Documents\rec_VcsCore_17-52-17.mp3
[2014/08/14 17:49:19 | 000,001,230 | ---- | M] () -- C:\Users\Tomas\Desktop\Voice Changer 7.0 Diamond.lnk
[2014/08/13 17:35:43 | 000,233,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/08/13 16:25:55 | 000,428,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/08/13 16:24:11 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/08/13 16:23:32 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/08/13 16:23:32 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/08/13 16:23:32 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/08/13 16:23:30 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/08/13 16:23:28 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/08/13 16:23:25 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/08/13 16:23:24 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/08/13 16:23:24 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/08/13 16:23:21 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/08/13 16:23:21 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/08/13 16:23:10 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/08/07 04:12:27 | 001,336,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/09/06 00:43:39 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/09/04 23:24:14 | 000,071,568 | ---- | C] () -- C:\Users\Tomas\Documents\rec_VcsCore_23-24-11.mp3
[2014/09/04 15:48:53 | 000,172,872 | ---- | C] () -- C:\Users\Tomas\Documents\rec_VcsCore_15-48-49.mp3
[2014/09/03 17:17:02 | 001,370,467 | ---- | C] () -- C:\Users\Tomas\Desktop\adwcleaner_3.309.exe
[2014/08/28 18:52:38 | 000,022,810 | ---- | C] () -- C:\Users\Tomas\Desktop\Můj film.wlmp
[2014/08/28 17:57:55 | 000,001,329 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2014/08/19 22:14:33 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2014/08/18 21:20:58 | 000,232,627 | ---- | C] () -- C:\Users\Tomas\Desktop\UpdateTitle2-9.zip
[2014/08/15 17:41:59 | 000,067,816 | ---- | C] () -- C:\Users\Tomas\Desktop\This_is_czech_pinkney_on_curveradio_plain-voice.mp3
[2014/08/14 19:27:12 | 000,002,030 | ---- | C] () -- C:\Users\Tomas\Desktop\SAM Broadcaster.lnk
[2014/08/14 18:13:34 | 000,035,280 | ---- | C] () -- C:\Users\Tomas\Documents\rec_VcsCore_18-13-32.mp3
[2014/08/14 18:10:56 | 000,049,392 | ---- | C] () -- C:\Users\Tomas\Documents\rec_VcsCore_18-10-43.mp3
[2014/08/14 18:10:39 | 000,041,328 | ---- | C] () -- C:\Users\Tomas\Documents\rec_VcsCore_18-10-37.mp3
[2014/08/14 17:53:57 | 000,067,536 | ---- | C] () -- C:\Users\Tomas\Documents\rec_VcsCore_17-52-17.mp3
[2014/08/14 17:49:19 | 000,001,230 | ---- | C] () -- C:\Users\Tomas\Desktop\Voice Changer 7.0 Diamond.lnk
[2014/08/13 17:41:08 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2014/04/09 21:00:46 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 17:01:53 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/11/18 19:18:54 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/17 21:46:56 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013/11/16 19:33:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/09/26 20:02:38 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013/09/26 20:02:38 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/09/26 20:02:36 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013/09/26 20:02:18 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013/09/26 20:02:18 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013/09/18 19:24:50 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/02/25 15:24:34 | 000,003,004 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2013/02/24 20:25:19 | 000,006,656 | ---- | C] () -- C:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/27 23:10:53 | 000,000,161 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
========== ZeroAccess Check ==========
[2014/03/01 00:32:42 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/04/06 18:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/04/06 17:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/01/29 10:45:44 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\AudioTuner
[2014/08/14 17:50:36 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Avnex
[2013/02/10 21:44:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Brain Workshop
[2013/09/27 18:14:09 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\BSW
[2013/10/17 19:50:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\bwincom
[2013/07/10 19:48:08 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\calibre
[2013/10/17 19:50:55 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\cef-cache
[2013/04/27 14:21:32 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\com.bitcasa.Bitcasa
[2014/02/10 01:14:59 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2014/09/05 23:47:04 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Dropbox
[2013/02/04 20:49:08 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Easy File Share
[2014/05/14 18:33:23 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\FlowStone
[2014/05/14 18:33:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Image-Line
[2014/08/25 20:40:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\IrfanView
[2013/07/10 19:34:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\IsolatedStorage
[2014/01/16 00:45:47 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\MAGIX
[2013/02/03 01:25:43 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\MetroTwit
[2014/09/03 18:42:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\MiniLyrics
[2013/02/03 21:41:09 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\NeoDownloader
[2014/06/27 17:42:01 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\OBS
[2013/01/27 12:30:11 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Opera
[2014/08/25 20:40:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\PhotoFiltre Studio X
[2014/09/05 08:52:24 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\uTorrent
[2014/08/04 12:00:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Vodafone
========== Purity Check ==========
========== Custom Scans ==========
< >
[2013/08/22 16:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2014/04/28 19:44:36 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014/06/16 17:26:01 | 000,000,954 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014/06/16 17:26:03 | 000,000,958 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
< >
< MD5 for: AGP440.SYS >
[2014/04/14 00:44:04 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_1758c63a7f3ec2bf\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys
< MD5 for: ATAPI.SYS >
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2014/04/14 00:57:20 | 000,028,249 | ---- | M] () MD5=0CBDE27FB26761852F7B22AFB8C51ACB -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\WINDOWS\SysNative\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
[2014/04/25 09:09:53 | 000,023,596 | ---- | M] () MD5=83A4C9BE342BC296EC09492FF7594F13 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe
< MD5 for: CDROM.SYS >
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2013/08/22 12:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\WINDOWS\SysNative\cryptsvc.dll
[2013/08/22 12:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2014/03/04 13:16:50 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- C:\Windows\SysWOW64\explorer.exe
[2014/03/04 13:16:50 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/04/22 12:39:27 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2013/11/24 12:08:47 | 000,133,444 | ---- | M] () MD5=3DDF61E1B538A1205612192A61CC2376 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2014/04/22 12:39:17 | 000,238,918 | ---- | M] () MD5=5177BB4FECDDB9CDBCF10EF65916968D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2014/04/14 09:57:12 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/03/04 14:25:49 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- C:\Windows\explorer.exe
[2014/03/04 14:25:49 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2013/11/24 12:32:38 | 000,127,825 | ---- | M] () MD5=983D8A3EB94B05A199D3744C0F0C475F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2014/04/14 09:57:07 | 000,283,735 | ---- | M] () MD5=FA98C5D746E7C9E0912E88AC44FF9926 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tomas\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy
3,48 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,51% Memory free
4,48 Gb Paging File | 2,18 Gb Available in Paging File | 48,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442,19 Gb Total Space | 251,50 Gb Free Space | 56,88% Space Free | Partition Type: NTFS
Computer Name: TOM | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/09/06 00:39:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
PRC - [2014/08/12 21:01:28 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014/08/12 21:01:00 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014/08/04 14:20:42 | 000,161,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2014/08/04 14:20:40 | 000,149,296 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2014/07/30 02:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/07/22 06:20:14 | 010,215,024 | ---- | M] (PandoraTV) -- C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
PRC - [2014/04/22 23:46:25 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2014/04/04 16:38:40 | 003,020,632 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
PRC - [2014/01/29 13:20:52 | 001,593,152 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
PRC - [2014/01/29 13:20:50 | 000,084,800 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
PRC - [2014/01/29 13:20:42 | 002,623,296 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe
PRC - [2013/12/18 11:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/17 12:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2013/09/25 03:43:56 | 000,323,584 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010/09/17 12:14:50 | 000,098,304 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
PRC - [2010/09/17 12:14:42 | 003,735,552 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
========== Modules (No Company Name) ==========
MOD - [2014/09/05 23:46:53 | 000,043,008 | ---- | M] () -- c:\users\tomas\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwitbow.dll
MOD - [2014/08/23 17:01:44 | 000,146,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\8e945b32dd6b4b00c900f6c01c0f3c62\System.Numerics.ni.dll
MOD - [2014/08/04 14:20:40 | 000,139,056 | ---- | M] () -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
MOD - [2014/07/30 02:20:20 | 003,610,624 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014/04/22 23:46:37 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2014/04/22 23:46:37 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2014/04/22 23:46:37 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2014/04/22 23:46:37 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2014/04/22 23:46:37 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2014/04/22 23:46:37 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2014/04/22 23:46:37 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2014/04/22 23:46:37 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2014/04/22 23:46:36 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2014/04/22 23:46:36 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2014/04/22 23:46:36 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2014/04/22 23:46:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2014/04/11 13:12:30 | 007,802,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\77bc1a994f64193efc124c297b93fdb7\System.Xml.ni.dll
MOD - [2014/04/11 13:12:23 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\10483ca149b5c651d217edbf2f3169b4\System.Xaml.ni.dll
MOD - [2014/04/11 13:12:20 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\635558b506364815e8348217e86fdf99\System.Windows.Forms.ni.dll
MOD - [2014/04/11 13:05:26 | 000,219,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\5e015d37aa3fdc75648e9d00d44d13ac\System.ServiceProcess.ni.dll
MOD - [2014/04/11 13:05:25 | 019,566,080 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\4c3126aec3364546e4ade89c24c4e742\System.ServiceModel.ni.dll
MOD - [2014/04/11 13:05:05 | 002,804,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\183eaaded316165bfbd32a991e4e8c8a\System.Runtime.Serialization.ni.dll
MOD - [2014/04/11 13:04:58 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\ddb52221ad0200b7c2e0a308e47d5c7c\System.Drawing.ni.dll
MOD - [2014/04/11 13:04:55 | 007,385,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\8a7f63a63249ceccb5c51a9a372aaf64\System.Data.ni.dll
MOD - [2014/04/11 13:04:47 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\c5bf2f5c3e13726b3984a900221e1778\System.Configuration.ni.dll
MOD - [2014/04/11 13:04:46 | 000,463,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\e1c86f334a29d92ca264950085cd817e\PresentationFramework.Aero2.ni.dll
MOD - [2014/04/11 13:04:45 | 018,744,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\92388fbe99436e6ed1f56ee56f10c565\PresentationFramework.ni.dll
MOD - [2014/04/11 13:04:23 | 011,027,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\619034abb9a9fb1b3dc32c0a9aa38d3c\PresentationCore.ni.dll
MOD - [2014/04/11 11:00:14 | 003,957,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\9bbf715cfb5360c95acd27b199083854\WindowsBase.ni.dll
MOD - [2014/04/11 11:00:02 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\c1194e56644c7688e7eb0f68a57dcc30\System.Core.ni.dll
MOD - [2014/04/11 10:59:53 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c24d08cc4e93fc4f6f15a637b00a2721\System.ni.dll
MOD - [2014/01/29 13:20:54 | 000,109,888 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
MOD - [2014/01/29 13:20:48 | 000,211,064 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
MOD - [2014/01/29 13:20:42 | 000,059,712 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
MOD - [2014/01/29 13:20:38 | 000,102,720 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
MOD - [2014/01/29 13:20:36 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
MOD - [2014/01/27 13:52:41 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2013/08/23 21:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/01/18 09:47:48 | 004,548,096 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\libcodec.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/08/13 16:23:32 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/08/01 00:12:28 | 002,369,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/04/06 13:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/04/03 04:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/24 04:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/24 04:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 08:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 07:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 17:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 11:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 11:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 11:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 11:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 11:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/10 09:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/23 06:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/09/19 06:32:20 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/09/06 14:51:18 | 000,100,104 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV:64bit: - [2013/08/22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/08/29 19:46:53 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/08/12 21:01:28 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/08/12 21:01:00 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014/08/04 14:20:40 | 000,149,296 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014/04/04 16:38:40 | 003,020,632 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe -- (SWUpdateService)
SRV - [2014/03/14 08:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/01/29 13:20:52 | 001,593,152 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher)
SRV - [2013/12/18 11:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/17 12:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/25 04:08:56 | 000,312,448 | ---- | M] (Windows (R) Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/09/25 03:43:56 | 000,323,584 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2013/08/22 15:10:14 | 000,032,568 | ---- | M] (The OpenVPN Project) [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2013/08/22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2010/09/17 12:14:50 | 000,098,304 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2010/09/17 12:14:42 | 003,735,552 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/07/17 20:08:21 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2014/07/05 23:09:43 | 000,117,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014/06/03 21:39:37 | 000,130,584 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014/05/31 12:07:07 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/05/01 15:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/01 08:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/03/24 04:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/24 04:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/24 04:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/20 05:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 22:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/22 18:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 17:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 17:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 17:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/22 17:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 09:52:12 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudobex.sys -- (ssudobex)
DRV:64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/12/04 20:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/29 16:59:30 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013/11/16 19:21:31 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/11 04:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 13:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/09/30 06:06:51 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/30 05:58:15 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/30 05:58:11 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/25 03:45:26 | 000,594,632 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/09/25 03:45:26 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/09/25 03:45:24 | 000,338,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/09/25 03:45:24 | 000,223,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hid.sys -- (BTATH_HID)
DRV:64bit: - [2013/09/25 03:45:24 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/09/25 03:45:24 | 000,116,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/09/25 03:45:24 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/09/25 03:45:24 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/09/25 03:45:24 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/09/19 07:39:28 | 012,531,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/09/19 06:04:26 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/09/10 16:37:02 | 000,358,192 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 14:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:40:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013/08/22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/16 11:40:57 | 003,543,752 | ---- | M] (TamoSoft) [CommView] Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ts_athrx.sys -- (TS_ARN5416)
DRV:64bit: - [2013/08/15 21:13:30 | 003,859,968 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/26 16:07:30 | 000,827,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/23 14:37:20 | 000,025,344 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2013/07/23 14:37:18 | 000,080,640 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/06/22 13:49:50 | 000,138,240 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWB6.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/03/08 17:47:50 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2013/01/27 19:33:26 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/06 12:37:08 | 000,352,456 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cbfs3.sys -- (cbfs3)
DRV:64bit: - [2012/07/27 14:00:03 | 000,023,408 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RadioHIDMini.sys -- (RadioHIDMini)
DRV:64bit: - [2012/06/23 06:23:38 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2011/08/17 11:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011/08/17 11:04:28 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011/08/17 10:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/08/17 10:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/08/17 10:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/08/17 10:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/03/18 14:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/03/18 14:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2010/03/25 18:09:36 | 000,246,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010/03/25 18:09:36 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2005/09/24 00:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2014/08/14 17:46:38 | 000,004,096 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Common Files\Avnex\vcs64.sys -- (vcs)
DRV - [2012/09/01 11:50:05 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1499688777-3318823800-151401397-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1499688777-3318823800-151401397-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1499688777-3318823800-151401397-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1499688777-3318823800-151401397-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2013/01/24 18:53:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions
[2013/01/24 18:53:28 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2014/03/30 15:08:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávánà Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Peněženka Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/04/23 20:16:33 | 000,000,000 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Bitcasa] C:\Program Files\Bitcasa\Bitcasa.exe (Bitcasa, Inc)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1499688777-3318823800-151401397-1001..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe (AppEx Networks Corporation)
O4 - HKU\S-1-5-21-1499688777-3318823800-151401397-1001..\Run: [Quick Starter] C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe (Samsung Electronics CO., LTD.)
O4 - Startup: C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.146.135.10 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{281DA9CF-B411-4B71-A889-91B468DE9603}: DhcpNameServer = 88.146.135.10 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8BC18B0-CA29-4825-A3D8-26E9392B62C1}: DhcpNameServer = 212.73.32.3 212.73.32.67
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC6775B6-70D3-49B0-837A-3C32B84811C4}: DhcpNameServer = 147.251.4.33 147.251.6.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F56605E8-0E30-45B6-A6A6-99372712EDE3}: DhcpNameServer = 147.251.6.10 147.251.4.33
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{18a68b29-1bbd-11e4-bf1a-50b7c33aa934}\Shell - "" = AutoRun
O33 - MountPoints2\{18a68b29-1bbd-11e4-bf1a-50b7c33aa934}\Shell\AutoRun\command - "" = "D:\setup_vmb_lite.exe" /checkApplicationPresence
O33 - MountPoints2\{18a68b77-1bbd-11e4-bf1a-50b7c33aa934}\Shell - "" = AutoRun
O33 - MountPoints2\{18a68b77-1bbd-11e4-bf1a-50b7c33aa934}\Shell\AutoRun\command - "" = "D:\setup_vmb_lite.exe" /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\WINDOWS\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - C:\WINDOWS\SysWow64\pvmjpg30.dll (Pegasus Imaging Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/09/06 00:39:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
[2014/09/05 16:53:48 | 000,000,000 | R--D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/09/03 19:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/09/03 17:20:32 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/08/30 13:35:36 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2014/08/30 13:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2014/08/30 12:19:46 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Adobe
[2014/08/28 18:03:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\cs
[2014/08/28 18:02:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\sk
[2014/08/28 18:02:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\sl
[2014/08/28 17:59:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\hu
[2014/08/28 17:58:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\hr
[2014/08/28 17:55:54 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_7.dll
[2014/08/28 17:55:54 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_7.dll
[2014/08/28 17:55:54 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_5.dll
[2014/08/28 17:55:54 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_5.dll
[2014/08/28 17:55:51 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_43.dll
[2014/08/28 17:55:50 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_43.dll
[2014/08/28 17:55:50 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_43.dll
[2014/08/28 17:55:45 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_42.dll
[2014/08/28 17:55:45 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_42.dll
[2014/08/28 17:55:34 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_32.dll
[2014/08/28 17:55:34 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_32.dll
[2014/08/24 17:36:27 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Windows Live
[2014/08/19 22:13:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/08/18 21:31:54 | 000,000,000 | ---D | C] -- C:\Titles
[2014/08/18 21:21:52 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\UpdateTitle2-9
[2014/08/14 22:58:09 | 000,724,992 | ---- | C] (CurveRadio) -- C:\Users\Tomas\Desktop\CurveRadio Desktop App.exe
[2014/08/14 19:27:10 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAM Broadcaster
[2014/08/14 18:37:02 | 000,704,480 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/08/14 18:37:02 | 000,105,440 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/08/14 17:50:36 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Avnex
[2014/08/14 17:50:36 | 000,000,000 | ---D | C] -- C:\AV_LOGS
[2014/08/14 17:49:15 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Voice Changer Software DIAMOND
[2014/08/14 17:48:54 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Application Data
[2014/08/14 17:48:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AV Vcs 7.0 DIAMOND
[2014/08/14 17:46:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Avnex
[2014/08/13 17:48:23 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/08/13 17:48:21 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/08/13 17:48:15 | 002,087,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/08/13 17:48:11 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/08/13 17:48:10 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/08/13 17:48:09 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/08/13 17:48:08 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/08/13 17:48:08 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/08/13 17:48:07 | 005,824,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/08/13 17:48:07 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/08/13 17:48:03 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/08/13 17:48:02 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/08/13 17:47:39 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/08/13 17:47:38 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/08/13 17:47:38 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/08/13 17:47:37 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014/08/13 17:47:37 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014/08/13 17:47:35 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/08/13 17:45:42 | 001,273,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2014/08/13 17:42:41 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/08/13 17:42:41 | 000,517,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/08/13 17:42:29 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2014/08/13 17:42:29 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2014/08/13 17:42:01 | 003,118,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2014/08/13 17:42:01 | 003,048,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2014/08/13 17:42:00 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll
[2014/08/13 17:42:00 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2014/08/13 17:41:45 | 004,756,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/08/13 17:41:45 | 001,120,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/08/13 17:41:45 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/08/13 17:41:26 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/08/13 17:41:26 | 002,125,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2014/08/13 17:41:24 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/08/13 17:41:23 | 001,025,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/08/13 17:41:23 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014/08/13 17:41:23 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2014/08/13 17:41:22 | 002,844,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/08/13 17:41:22 | 001,726,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014/08/13 17:41:21 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll
[2014/08/13 17:41:21 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/08/13 17:41:20 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/08/13 17:41:19 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2014/08/13 17:41:18 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll
[2014/08/13 17:41:18 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2014/08/13 17:41:17 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedyn.dll
[2014/08/13 17:41:17 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/08/13 17:41:17 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll
[2014/08/13 17:41:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll
[2014/08/13 17:41:15 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe
[2014/08/13 17:41:15 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe
[2014/08/13 17:41:14 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedyn.dll
[2014/08/13 17:41:14 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe
[2014/08/13 17:41:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll
[2014/08/13 17:41:09 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014/08/13 17:40:39 | 000,697,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/08/13 17:40:38 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014/08/13 17:40:32 | 016,871,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/08/13 17:40:28 | 012,711,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/08/13 17:40:25 | 000,440,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys
[2014/08/13 17:40:24 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/08/13 17:40:24 | 000,423,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2014/08/13 17:40:24 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DaOtpCredentialProvider.dll
[2014/08/13 17:40:24 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFHost.exe
[2014/08/13 17:40:24 | 000,216,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2014/08/13 17:40:24 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFPlatform.dll
[2014/08/13 17:40:24 | 000,027,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys
[2014/08/13 17:40:23 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DaOtpCredentialProvider.dll
[2014/08/13 17:39:45 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/08/13 17:39:42 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/08/13 17:39:35 | 001,336,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014/08/13 17:39:23 | 002,790,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2014/08/13 17:39:23 | 002,642,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/08/13 17:39:23 | 002,318,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/08/13 17:39:22 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll
[2014/08/13 17:39:22 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll
[2014/08/13 17:39:22 | 000,114,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2014/08/13 16:12:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/08/09 10:42:24 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\beach tournament
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/09/06 00:44:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/09/06 00:43:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/09/06 00:41:12 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/06 00:39:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
[2014/09/05 23:41:45 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/09/05 19:41:01 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/09/05 19:41:01 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/04 23:24:19 | 000,071,568 | ---- | M] () -- C:\Users\Tomas\Documents\rec_VcsCore_23-24-11.mp3
[2014/09/04 22:31:50 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/09/04 22:31:49 | 2986,688,512 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/04 15:49:05 | 000,172,872 | ---- | M] () -- C:\Users\Tomas\Documents\rec_VcsCore_15-48-49.mp3
[2014/09/03 17:17:03 | 001,370,467 | ---- | M] () -- C:\Users\Tomas\Desktop\adwcleaner_3.309.exe
[2014/08/31 10:27:04 | 000,625,048 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/08/30 22:52:57 | 001,745,984 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/08/30 22:52:57 | 000,739,924 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2014/08/30 22:52:57 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/08/30 22:52:57 | 000,151,610 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2014/08/30 22:52:57 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/08/30 13:35:32 | 000,001,305 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2014/08/28 20:27:52 | 000,022,810 | ---- | M] () -- C:\Users\Tomas\Desktop\Můj film.wlmp
[2014/08/20 21:42:37 | 000,001,051 | ---- | M] () -- C:\Users\Tomas\Desktop\KMPlayer.lnk
[2014/08/19 22:14:33 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2014/08/18 21:20:59 | 000,232,627 | ---- | M] () -- C:\Users\Tomas\Desktop\UpdateTitle2-9.zip
[2014/08/15 17:42:02 | 000,067,816 | ---- | M] () -- C:\Users\Tomas\Desktop\This_is_czech_pinkney_on_curveradio_plain-voice.mp3
[2014/08/14 22:58:10 | 000,724,992 | ---- | M] (CurveRadio) -- C:\Users\Tomas\Desktop\CurveRadio Desktop App.exe
[2014/08/14 22:33:20 | 000,001,094 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/08/14 22:32:56 | 000,001,062 | ---- | M] () -- C:\Users\Tomas\Desktop\Dropbox.lnk
[2014/08/14 19:27:12 | 000,002,030 | ---- | M] () -- C:\Users\Tomas\Desktop\SAM Broadcaster.lnk
[2014/08/14 18:13:37 | 000,035,280 | ---- | M] () -- C:\Users\Tomas\Documents\rec_VcsCore_18-13-32.mp3
[2014/08/14 18:11:00 | 000,049,392 | ---- | M] () -- C:\Users\Tomas\Documents\rec_VcsCore_18-10-43.mp3
[2014/08/14 18:10:42 | 000,041,328 | ---- | M] () -- C:\Users\Tomas\Documents\rec_VcsCore_18-10-37.mp3
[2014/08/14 17:54:02 | 000,067,536 | ---- | M] () -- C:\Users\Tomas\Documents\rec_VcsCore_17-52-17.mp3
[2014/08/14 17:49:19 | 000,001,230 | ---- | M] () -- C:\Users\Tomas\Desktop\Voice Changer 7.0 Diamond.lnk
[2014/08/13 17:35:43 | 000,233,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/08/13 16:25:55 | 000,428,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/08/13 16:24:11 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/08/13 16:23:32 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/08/13 16:23:32 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/08/13 16:23:32 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/08/13 16:23:30 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/08/13 16:23:28 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/08/13 16:23:25 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/08/13 16:23:24 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/08/13 16:23:24 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/08/13 16:23:21 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/08/13 16:23:21 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/08/13 16:23:10 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/08/07 04:12:27 | 001,336,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/09/06 00:43:39 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/09/04 23:24:14 | 000,071,568 | ---- | C] () -- C:\Users\Tomas\Documents\rec_VcsCore_23-24-11.mp3
[2014/09/04 15:48:53 | 000,172,872 | ---- | C] () -- C:\Users\Tomas\Documents\rec_VcsCore_15-48-49.mp3
[2014/09/03 17:17:02 | 001,370,467 | ---- | C] () -- C:\Users\Tomas\Desktop\adwcleaner_3.309.exe
[2014/08/28 18:52:38 | 000,022,810 | ---- | C] () -- C:\Users\Tomas\Desktop\Můj film.wlmp
[2014/08/28 17:57:55 | 000,001,329 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2014/08/19 22:14:33 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2014/08/18 21:20:58 | 000,232,627 | ---- | C] () -- C:\Users\Tomas\Desktop\UpdateTitle2-9.zip
[2014/08/15 17:41:59 | 000,067,816 | ---- | C] () -- C:\Users\Tomas\Desktop\This_is_czech_pinkney_on_curveradio_plain-voice.mp3
[2014/08/14 19:27:12 | 000,002,030 | ---- | C] () -- C:\Users\Tomas\Desktop\SAM Broadcaster.lnk
[2014/08/14 18:13:34 | 000,035,280 | ---- | C] () -- C:\Users\Tomas\Documents\rec_VcsCore_18-13-32.mp3
[2014/08/14 18:10:56 | 000,049,392 | ---- | C] () -- C:\Users\Tomas\Documents\rec_VcsCore_18-10-43.mp3
[2014/08/14 18:10:39 | 000,041,328 | ---- | C] () -- C:\Users\Tomas\Documents\rec_VcsCore_18-10-37.mp3
[2014/08/14 17:53:57 | 000,067,536 | ---- | C] () -- C:\Users\Tomas\Documents\rec_VcsCore_17-52-17.mp3
[2014/08/14 17:49:19 | 000,001,230 | ---- | C] () -- C:\Users\Tomas\Desktop\Voice Changer 7.0 Diamond.lnk
[2014/08/13 17:41:08 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2014/04/09 21:00:46 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 17:01:53 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/11/18 19:18:54 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/17 21:46:56 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013/11/16 19:33:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/09/26 20:02:38 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013/09/26 20:02:38 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/09/26 20:02:36 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013/09/26 20:02:18 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013/09/26 20:02:18 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013/09/18 19:24:50 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/02/25 15:24:34 | 000,003,004 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2013/02/24 20:25:19 | 000,006,656 | ---- | C] () -- C:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/27 23:10:53 | 000,000,161 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
========== ZeroAccess Check ==========
[2014/03/01 00:32:42 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/04/06 18:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/04/06 17:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/01/29 10:45:44 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\AudioTuner
[2014/08/14 17:50:36 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Avnex
[2013/02/10 21:44:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Brain Workshop
[2013/09/27 18:14:09 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\BSW
[2013/10/17 19:50:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\bwincom
[2013/07/10 19:48:08 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\calibre
[2013/10/17 19:50:55 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\cef-cache
[2013/04/27 14:21:32 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\com.bitcasa.Bitcasa
[2014/02/10 01:14:59 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2014/09/05 23:47:04 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Dropbox
[2013/02/04 20:49:08 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Easy File Share
[2014/05/14 18:33:23 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\FlowStone
[2014/05/14 18:33:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Image-Line
[2014/08/25 20:40:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\IrfanView
[2013/07/10 19:34:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\IsolatedStorage
[2014/01/16 00:45:47 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\MAGIX
[2013/02/03 01:25:43 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\MetroTwit
[2014/09/03 18:42:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\MiniLyrics
[2013/02/03 21:41:09 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\NeoDownloader
[2014/06/27 17:42:01 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\OBS
[2013/01/27 12:30:11 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Opera
[2014/08/25 20:40:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\PhotoFiltre Studio X
[2014/09/05 08:52:24 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\uTorrent
[2014/08/04 12:00:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Vodafone
========== Purity Check ==========
========== Custom Scans ==========
< >
[2013/08/22 16:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2014/04/28 19:44:36 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014/06/16 17:26:01 | 000,000,954 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014/06/16 17:26:03 | 000,000,958 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
< >
< MD5 for: AGP440.SYS >
[2014/04/14 00:44:04 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_1758c63a7f3ec2bf\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys
< MD5 for: ATAPI.SYS >
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2014/04/14 00:57:20 | 000,028,249 | ---- | M] () MD5=0CBDE27FB26761852F7B22AFB8C51ACB -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\WINDOWS\SysNative\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
[2014/04/25 09:09:53 | 000,023,596 | ---- | M] () MD5=83A4C9BE342BC296EC09492FF7594F13 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe
< MD5 for: CDROM.SYS >
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2013/08/22 12:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\WINDOWS\SysNative\cryptsvc.dll
[2013/08/22 12:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2014/03/04 13:16:50 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- C:\Windows\SysWOW64\explorer.exe
[2014/03/04 13:16:50 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/04/22 12:39:27 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2013/11/24 12:08:47 | 000,133,444 | ---- | M] () MD5=3DDF61E1B538A1205612192A61CC2376 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2014/04/22 12:39:17 | 000,238,918 | ---- | M] () MD5=5177BB4FECDDB9CDBCF10EF65916968D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2014/04/14 09:57:12 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/03/04 14:25:49 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- C:\Windows\explorer.exe
[2014/03/04 14:25:49 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2013/11/24 12:32:38 | 000,127,825 | ---- | M] () MD5=983D8A3EB94B05A199D3744C0F0C475F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2014/04/14 09:57:07 | 000,283,735 | ---- | M] () MD5=FA98C5D746E7C9E0912E88AC44FF9926 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
Re: preventivka
< MD5 for: HAL.DLL >
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\WINDOWS\SysNative\hal.dll
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014/08/15 00:24:28 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
[2014/03/18 22:14:45 | 000,014,096 | ---- | M] () MD5=64D2873F32BB723BFFF3F8895032AA35 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll
[2014/04/14 09:58:44 | 000,066,843 | ---- | M] () MD5=D714202F057A317C8E31776EBEA0AEA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16500_none_9c39d4b32d63f333\hal.dll
< MD5 for: IASTORV.SYS >
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2014/04/14 00:44:05 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_1758c63a7f3ec2bf\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys
< MD5 for: LSASS.EXE >
[2013/08/22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\WINDOWS\SysNative\lsass.exe
[2013/08/22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe
< MD5 for: NDIS.SYS >
[2013/11/24 12:16:30 | 000,123,655 | ---- | M] () MD5=17F1BC1A73EECEA6394EFA770B41DDD3 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16405_none_4a6b5fcffbc14927\ndis.sys
[2014/02/18 13:05:06 | 000,046,734 | ---- | M] () MD5=68A9BA38BB275850F91165D1C1FCA8DA -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16408_none_4a6e60adfbbe952c\ndis.sys
[2014/04/14 10:12:12 | 000,140,607 | ---- | M] () MD5=7B886741BDAE33AC4F116DF991D1E3CB -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16475_none_4a1fb05bfbfa0cbe\ndis.sys
[2014/02/22 17:40:03 | 001,118,552 | ---- | M] (Microsoft Corporation) MD5=F21B77B4D74092A543807D3CEB711A88 -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2014/02/22 17:40:03 | 001,118,552 | ---- | M] (Microsoft Corporation) MD5=F21B77B4D74092A543807D3CEB711A88 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys
< MD5 for: NETLOGON.DLL >
[2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) MD5=2468C21E34C49E4735B4BA430D448E91 -- C:\WINDOWS\SysNative\netlogon.dll
[2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) MD5=2468C21E34C49E4735B4BA430D448E91 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2014/04/23 20:10:00 | 000,058,552 | ---- | M] () MD5=35048C9600694C3BF01D644D1AAE62BE -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2014/03/06 08:29:17 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=582918F96C2B7E1E3AE17D08DB6DAC41 -- C:\Windows\SysWOW64\netlogon.dll
[2014/03/06 08:29:17 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=582918F96C2B7E1E3AE17D08DB6DAC41 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2014/04/18 17:11:48 | 000,108,975 | ---- | M] () MD5=D817ED82C2A0E1CED9B396826F52F7CB -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll
< MD5 for: NVRAID.SYS >
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys
< MD5 for: SCECLI.DLL >
[2013/08/22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\SysWOW64\scecli.dll
[2013/08/22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2013/08/22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\WINDOWS\SysNative\scecli.dll
[2013/08/22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll
< MD5 for: SMSS.EXE >
[2014/04/18 17:20:48 | 000,019,120 | ---- | M] () MD5=5FBA1F5F9AA1E09595F015118AE83A36 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\WINDOWS\SysNative\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe
< MD5 for: SVCHOST.EXE >
[2013/08/22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\SysWOW64\svchost.exe
[2013/08/22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2013/08/22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\SysNative\svchost.exe
[2013/08/22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
< MD5 for: TCPIP.SYS >
[2014/02/18 13:07:14 | 000,210,441 | ---- | M] () MD5=01941724D120729E2B680B22F05D4123 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2014/03/14 10:53:05 | 000,271,861 | ---- | M] () MD5=2102610D6FD1D928A3D7155077A78B82 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2014/05/27 17:53:12 | 002,518,360 | ---- | M] (Microsoft Corporation) MD5=25AC0B50A71938890970E1508F107196 -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014/05/27 17:53:12 | 002,518,360 | ---- | M] (Microsoft Corporation) MD5=25AC0B50A71938890970E1508F107196 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
[2014/04/19 11:01:04 | 000,481,295 | ---- | M] () MD5=2F83A7537A9B8CF98E6B4710A3E3D381 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2014/08/17 21:54:09 | 000,223,198 | ---- | M] () MD5=889B53B7C56665B0277CC00EF4051DE4 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17085_none_a3dd562d3a5c82ed\tcpip.sys
[2014/08/17 21:54:18 | 000,225,256 | ---- | M] () MD5=A8DBD4B1BA356AA5C05F858E40FD0B08 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17088_none_a3e0570b3a59cef2\tcpip.sys
[2013/11/24 12:20:41 | 000,250,257 | ---- | M] () MD5=D051052CB1A286833805C2E0F7710F85 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16408_none_a436f4cb3a18ca65\tcpip.sys
[2014/06/22 18:29:01 | 000,231,862 | ---- | M] () MD5=DC0CC6B2E43738CBF51E96EA3AB7A223 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys
< MD5 for: USERINIT.EXE >
[2013/08/22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\SysNative\userinit.exe
[2013/08/22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013/08/22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013/08/22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
< MD5 for: WINLOGON.EXE >
[2014/02/22 11:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/02/22 11:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014/04/21 14:35:43 | 000,089,459 | ---- | M] () MD5=E40DC8DF924E02F04F3620DBAC1ACE31 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
< MD5 for: WS2_32.DLL >
[2013/08/22 07:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\SysWOW64\ws2_32.dll
[2013/08/22 07:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2013/08/22 15:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\WINDOWS\SysNative\ws2_32.dll
[2013/08/22 15:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[5 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[20 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014/01/19 15:19:53 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Adobe
[2013/11/22 21:27:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Atheros
[2013/01/24 17:08:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\ATI
[2013/01/29 10:45:44 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\AudioTuner
[2013/03/27 22:45:12 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Avira
[2014/08/14 17:50:36 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Avnex
[2013/02/10 21:44:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Brain Workshop
[2013/09/27 18:14:09 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\BSW
[2013/10/17 19:50:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\bwincom
[2013/07/10 19:48:08 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\calibre
[2013/10/17 19:50:55 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\cef-cache
[2013/04/27 14:21:32 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\com.bitcasa.Bitcasa
[2014/02/10 01:14:59 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2014/09/05 23:47:04 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Dropbox
[2013/02/04 20:49:08 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Easy File Share
[2014/08/04 12:10:29 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\FLEXnet
[2014/05/14 18:33:23 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\FlowStone
[2013/11/16 20:17:19 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Identities
[2014/05/14 18:33:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Image-Line
[2014/08/25 20:40:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\IrfanView
[2013/07/10 19:34:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\IsolatedStorage
[2013/01/24 18:18:50 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Macromedia
[2014/01/16 00:45:47 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\MAGIX
[2013/02/03 01:25:43 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\MetroTwit
[2014/08/04 12:03:32 | 000,000,000 | --SD | M] -- C:\Users\Tomas\AppData\Roaming\Microsoft
[2014/09/03 18:42:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\MiniLyrics
[2013/01/24 18:53:25 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Mozilla
[2013/02/03 21:41:09 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\NeoDownloader
[2014/06/27 17:42:01 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\OBS
[2013/01/27 12:30:11 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Opera
[2014/08/25 20:40:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\PhotoFiltre Studio X
[2014/09/06 01:29:26 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Skype
[2014/09/05 08:52:24 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\uTorrent
[2013/05/20 21:16:08 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\vlc
[2014/08/04 12:00:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Vodafone
[2014/08/25 20:40:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Winamp
[2013/01/27 16:46:48 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2014/07/30 02:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014/07/30 02:25:24 | 000,262,160 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014/07/30 02:22:12 | 000,225,224 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013/02/24 18:22:54 | 000,029,926 | R--- | M] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Installer\{5EB90C06-964F-4195-B83E-BD7E55C88415}\ARPPRODUCTICON.exe
[2013/11/17 21:54:07 | 000,010,134 | R--- | M] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Installer\{61F0224D-A87E-BEDF-BC48-B5761FCD65DD}\ARPPRODUCTICON.exe
[2014/08/04 20:18:43 | 001,329,744 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe
[2014/02/10 01:09:38 | 000,905,296 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.3.2_30488.exe
[2014/04/08 23:32:22 | 001,268,816 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.4.1_30740.exe
[2014/04/25 23:36:00 | 001,266,520 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
[2014/05/30 22:00:42 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014/06/11 20:12:18 | 001,267,536 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.4.1_31395.exe
[2014/07/02 21:00:25 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe
[2014/08/04 20:18:13 | 001,329,744 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.4.2_32239.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2013/08/22 04:44:29 | 000,515,584 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\FirewallAPI.dll
[2014/07/25 13:03:13 | 011,772,928 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2013/08/22 05:12:13 | 000,116,736 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2013/08/22 04:44:29 | 000,515,584 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\FirewallAPI.dll
[2014/07/25 13:03:13 | 011,772,928 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2013/08/22 05:12:13 | 000,116,736 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AppEx Accelerator UI" = C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe -h -- [2012/05/22 15:12:40 | 001,000,288 | ---- | M] (AppEx Networks Corporation)
"Quick Starter" = C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe -- [2014/04/29 11:00:28 | 002,358,064 | ---- | M] (Samsung Electronics CO., LTD.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/09/06 00:43:39 | 000,000,512 | ---- | M] () MD5=6425611A4178CF6924A360E1E3EE3C7A -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2013/03/12 12:47:38 | 000,007,624 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Data\Patches\Packs\Drums\Percussion\FPC Ice Crack.wav
[2012/10/02 10:41:48 | 000,000,400 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Data\Patches\Plugin presets\Generators\Drumpad\Sound FX\Crack.fst
[2008/09/08 22:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch
[2012/08/08 11:29:29 | 000,004,076 | ---- | M] () -- \Program Files\WindowsApps\ENFEEL.Birzzle_1.0.0.46_x64__x6zre6nb2hma6\ice_block_crack_RETINA.plist
[2012/08/08 11:29:29 | 000,034,726 | ---- | M] () -- \Program Files\WindowsApps\ENFEEL.Birzzle_1.0.0.46_x64__x6zre6nb2hma6\ice_block_crack_RETINA.png
[2012/08/08 11:29:29 | 000,046,538 | ---- | M] () -- \Program Files\WindowsApps\ENFEEL.Birzzle_1.0.0.46_x64__x6zre6nb2hma6\ice_break_crack.wav
[2013/11/17 23:18:21 | 000,023,487 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe\Assets\Episode1\Data\Scenes\Canyon\WallCrackZoom.xml
[2013/04/02 23:00:17 | 000,079,559 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe\Assets\Episode2\Data\Scenes\CrackedWall\CrackedWall.xml
[2013/11/17 23:18:24 | 000,005,094 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe\Assets\Episode3\Data\Scenes\StoneCocoonChamber\FloorCrackZoom.xml
[2014/01/02 23:04:27 | 000,001,004 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.aircrack-ng.org%2Fresources%2Ffavicon.png
[2014/01/19 14:38:44 | 000,019,332 | ---- | M] () -- \Users\Tomas\AppData\Roaming\uTorrent\Adobe Audition 3.0+Crack [GR420].torrent
[2014/08/14 17:44:35 | 000,005,828 | ---- | M] () -- \Users\Tomas\AppData\Roaming\uTorrent\Audio4Fun AV Voice Changer Diamond 7.0.29 + Crack [RH].torrent
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Users\Tomas\Documents\Image-Line\Data\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2014/01/19 14:42:05 | 003,504,601 | ---- | M] () -- \Users\Tomas\Downloads\Adobe Audition 3.0+Crack [GR420]\ADOBE AUDITION 3.0\CRACK.rar
[2011/01/21 14:15:54 | 003,449,711 | ---- | M] () -- \Users\Tomas\Music\3. Soundtracks\Soundtrack - Misfits\Misfits S02 OST (2010)\42 - 2x06 - Tchaikovsky - Dance of the Sugar Plum Fairy (The Nutcracker).mp3
[2014/04/21 12:14:32 | 009,808,348 | ---- | M] () -- \Users\Tomas\Music\6. Dubstep\201 Best Dubstep Songs & Remixes\08 Cracks (Flux Pavillion Remix) [fe.m4a
[2014/08/04 21:52:22 | 004,498,234 | ---- | M] () -- \Users\Tomas\Music\Download\Circle Of Alchemists - Crack Of Dawn (Instrumental).mp3
[2009/11/05 13:51:36 | 006,476,924 | ---- | M] () -- \Users\Tomas\Music\Others\Meditation\Muz relax\The Sound Of DESERT\09. Cracked Land.mp3
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2013/08/12 08:11:10 | 000,002,281 | ---- | M] () -- \FRST\Quarantine\C\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_YTD Video Downloader\YTD Video Downloader.lnk
[2013/02/03 20:41:56 | 001,795,373 | ---- | M] () -- \Instal\picdownloader.exe
[2014/08/12 21:01:04 | 000,044,112 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2014/08/12 21:01:05 | 000,494,672 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2014/08/12 21:01:05 | 000,192,592 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[2014/03/02 18:48:08 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013/11/23 21:54:48 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013/03/05 08:29:10 | 000,001,706 | ---- | M] () -- \Program Files (x86)\MiniLyrics\Skins\Metal\iPodLyricsDownloader.java
[2013/04/29 15:19:12 | 000,007,217 | ---- | M] () -- \Program Files (x86)\MiniLyrics\Skins\Metal\iPodLyricsDownloader.xml
[2013/03/05 08:29:10 | 000,000,462 | ---- | M] () -- \Program Files (x86)\MiniLyrics\Skins\Metal\iPodLyricsDownloader_theme.xml
[2013/04/29 15:19:12 | 000,004,840 | ---- | M] () -- \Program Files (x86)\MiniLyrics\Skins\MiniLyrics\iPodLyricsDownloader.xml
[2013/03/05 08:29:10 | 000,000,462 | ---- | M] () -- \Program Files (x86)\MiniLyrics\Skins\MiniLyrics\iPodLyricsDownloader_theme.xml
[2008/09/04 02:13:56 | 000,486,216 | ---- | M] () -- \Program Files (x86)\Pinnacle\Studio 12 Ultimate Plugins\Vitascene\current\imageloader10x1.dll
[2008/02/25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2014/05/25 21:36:31 | 000,017,128 | ---- | M] () -- \Program Files\Microsoft Office 15\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\15.0.0.0__71E9BCE111E9429C\Microsoft.Office.Infopath.CLRLoader.dll
[2014/02/19 15:41:55 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.309_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2013/09/30 05:58:35 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013/09/30 05:58:35 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013/09/30 05:58:35 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013/09/30 06:00:17 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/06/06 17:50:00 | 000,499,712 | R--- | M] () -- \Program Files\WinZip\adxloader.dll
[2013/06/06 17:50:00 | 000,000,348 | ---- | M] () -- \Program Files\WinZip\adxloader.dll.manifest
[2013/06/06 17:50:00 | 000,704,000 | R--- | M] () -- \Program Files\WinZip\adxloader64.dll
[2013/05/19 18:10:49 | 000,001,139 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\MiniLyrics\iPod Lyrics Downloader.lnk
[2014/08/30 13:35:32 | 000,002,261 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2013/10/16 05:13:26 | 000,000,857 | ---- | M] () -- \Programs\bwincom\bwincomPoker\preloader.html
[2013/10/16 05:14:06 | 000,003,415 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Images\loader.gif
[2013/10/16 05:14:12 | 000,002,086 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Images\rounded_loader.gif
[2013/10/16 05:13:52 | 000,005,567 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Images\OneClickLobby\loader.gif
[2013/10/16 05:13:52 | 000,001,863 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Images\OneClickLobby\preloader.swf
[2013/09/16 16:00:22 | 000,021,421 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Uninstall\Preloader.jpg
[2013/10/17 19:48:50 | 000,007,277 | ---- | M] () -- \Programs\bwincom\SmartUpgrader\Preloader.jpg
[2013/10/17 19:48:50 | 000,004,416 | ---- | M] () -- \Programs\bwincom\SmartUpgrader\PreloaderIEImage.JPG
[2013/05/19 18:10:49 | 000,001,139 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\MiniLyrics\iPod Lyrics Downloader.lnk
[2014/08/30 13:35:32 | 000,002,261 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2014/08/30 13:35:32 | 000,001,305 | ---- | M] () -- \Users\Public\Desktop\YTD Video Downloader.lnk
[2014/08/31 11:57:52 | 000,018,544 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows\INetCache\IE\DBZ5MTMN\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js
[2014/08/31 11:57:52 | 000,001,980 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows\INetCache\IE\UVLBJWGB\AdLoader[1].htm
[2014/01/15 20:54:44 | 000,000,142 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.freeradiojingles.co.uk%2Fwp-content%2Fplugins%2Fgenesis-favicon-uploader%2Ffavicons%2Ffavicon.png
[2013/02/03 21:41:34 | 000,000,662 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.neodownloader.com%2Ffavicon.png
[2013/08/12 08:10:06 | 000,000,749 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.youtubedownloadersite.com%2Ffavicon.png
[2014/08/30 13:36:03 | 000,000,749 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.ytddownloader.com%2Ffavicon.png
[2014/07/01 11:46:16 | 000,072,638 | ---- | M] () -- \Users\Tomas\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/07/01 11:46:16 | 000,003,032 | ---- | M] () -- \Users\Tomas\AppData\Local\Skype\Apps\login\images\loader.png
[2014/07/01 11:46:16 | 000,006,012 | ---- | M] () -- \Users\Tomas\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/07/01 11:46:16 | 000,021,956 | ---- | M] () -- \Users\Tomas\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/07/01 11:46:16 | 000,009,772 | ---- | M] () -- \Users\Tomas\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2009/04/13 10:06:14 | 000,002,274 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\AppLoader$1.class
[2013/05/05 12:00:10 | 000,001,342 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\AppLoader$ChangeBoardWorker.class
[2013/05/05 12:00:10 | 000,001,360 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\AppLoader$ComponentChange.class
[2013/05/05 12:00:10 | 000,006,540 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\AppLoader$PanelChangeWorker.class
[2013/05/05 12:00:10 | 000,001,178 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\AppLoader$Worker.class
[2013/05/05 12:00:10 | 000,012,097 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\AppLoader.class
[2013/05/05 11:59:53 | 000,010,340 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\ClientLoader.class
[2013/05/05 11:59:47 | 000,007,271 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\PropFileLoader.class
[2010/01/15 12:54:20 | 000,002,542 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\StarterClassLoader.class
[2009/04/13 10:06:14 | 000,000,739 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\mod\ClientModLoader.class
[2013/05/05 11:59:54 | 000,002,657 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\tools\ToolLoader.class
[2009/04/27 23:10:16 | 000,001,174 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\vampire\VampireLoader.class
[2012/11/19 23:15:42 | 000,000,847 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img\ajax-loader.gif
[2012/11/19 23:15:42 | 000,001,135 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img\loader-icon.png
[2012/11/19 23:15:42 | 000,003,208 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img\loader.gif
[2012/11/19 23:15:42 | 000,001,849 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2006/05/05 16:28:58 | 000,000,291 | ---- | M] () -- \Users\Tomas\Škola\DP\Nova_1297\Nova_1297\loader32.dsp
[2014/05/25 21:46:50 | 000,103,936 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.O29577370#\387b2803b331041dcf503ba9ea9ce6b6\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2014/05/25 21:46:50 | 000,000,696 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.O29577370#\387b2803b331041dcf503ba9ea9ce6b6\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2014/05/25 21:46:32 | 000,017,128 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.CLRLoader.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2014/04/14 00:45:10 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2014/04/14 00:45:07 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2014/04/14 00:45:25 | 000,598,463 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.efi
[2014/04/14 00:45:22 | 000,542,292 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.exe
[2014/04/14 00:45:41 | 000,598,454 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.efi
[2014/04/14 00:45:37 | 000,542,288 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.exe
[2013/08/22 13:21:30 | 000,046,592 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2013/08/22 15:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 13:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 13:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 13:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 13:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 13:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 13:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2014/04/10 16:09:49 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2014/04/25 09:26:23 | 000,009,588 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.efi.mui_35ee487d
[2014/04/25 09:26:24 | 000,009,604 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.exe.mui_3bc5b827
[2014/04/25 09:26:24 | 000,007,885 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.efi.mui_f412814e
[2014/04/25 09:26:24 | 000,007,900 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.exe.mui_ff8b5358
[2014/04/10 16:10:15 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2014/04/25 09:26:31 | 000,724,144 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e_winload.efi_75834aa0
[2014/04/25 09:26:34 | 000,660,345 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e_winload.exe_75835076
[2014/04/25 09:26:36 | 000,646,217 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e_winresume.efi_85cd069f
[2014/04/25 09:26:39 | 000,586,798 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e_winresume.exe_85cd1215
[2013/08/22 17:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013/09/30 05:55:13 | 000,000,463 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089.manifest
[2014/04/09 20:10:32 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2013/08/22 17:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2013/09/30 06:06:25 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2013/09/30 06:08:41 | 000,000,546 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3.manifest
[2013/12/15 18:52:30 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2014/04/09 20:10:34 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
[2013/01/27 23:10:53 | 000,000,161 | ---- | M] () -- \Windows\AutoKMS.ini
< *activator* /s >
[2013/01/27 16:42:28 | 000,000,738 | ---- | M] () -- \Users\Tomas\AppData\Roaming\uTorrent\Microsoft Office 2010 Activator - Any version [VerifiedFiles].torrent
< *serial* /s >
[2013/02/10 13:55:43 | 019,920,192 | ---- | M] () -- \Instal\Total Video Converter HD v3.71 + Serials [ChattChitto RG]\Total Video Converter HD v3.71 + Serials [ChattChitto RG].exe
[2003/10/09 07:11:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Generators\Sytrus\Artwork\DelSerialCache.bmp
[2014/05/13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014/07/25 17:18:59 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014/07/02 09:30:28 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/05/25 21:34:37 | 000,167,616 | ---- | M] () -- \Program Files\Microsoft Office 15\root\office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.BackEnd.XmlSerializers.dll
[2014/05/25 21:33:32 | 000,210,112 | ---- | M] () -- \Program Files\Microsoft Office 15\root\office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.Common.FrontEnd.XmlSerializers.dll
[2014/05/13 23:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014/07/25 17:19:48 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014/07/02 09:34:24 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/11/16 19:12:45 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008/04/15 12:20:56 | 000,079,120 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\HfxSerial.exe
[2008/04/15 12:39:48 | 000,010,000 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-CHS.dll
[2008/04/15 12:39:48 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-DEU.dll
[2008/04/15 12:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ESP.dll
[2008/04/15 12:39:48 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-FRA.dll
[2008/04/15 12:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ITA.dll
[2008/04/15 12:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-JPN.dll
[2008/04/15 12:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-KOR.dll
[2008/04/15 12:39:48 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-NLD.dll
[2014/08/19 23:05:25 | 000,000,201 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fsledovatserialyonline.blogspot.cz%2Ffavicon.png
[2013/08/03 21:58:24 | 000,000,878 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialovysvet.cz%2Fimages%2Ffavicon.png
[2014/08/19 22:56:18 | 000,000,339 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialycz.cz%2Fwp-content%2Fthemes%2Farras%2Fimages%2Ffavicon.png
[2013/05/22 22:43:07 | 000,000,673 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialycz.cz%2Fwp-content%2Fuploads%2Ffavicon1.png
[2013/07/30 10:02:12 | 000,000,581 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2013/03/17 23:24:04 | 000,000,544 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.sledujuserialy.cz%2Ffavicon.png
[2013/05/15 23:43:27 | 000,000,628 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.topserialyonline.cz%2Ftemplates%2Frt_metropolis%2Ffavicon.png
[2013/02/07 13:55:37 | 000,000,307 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.tvserialsonline.com%2Ffavicon.png
[2013/08/12 11:53:42 | 000,003,641 | ---- | M] () -- \Users\Tomas\AppData\Roaming\uTorrent\PhotoFiltre Studio X 10.3.0 + Serial.torrent
[2013/02/10 13:53:15 | 000,006,402 | ---- | M] () -- \Users\Tomas\AppData\Roaming\uTorrent\Total Video Converter HD v3.71 + Serials [ChattChitto RG].torrent
[2013/08/12 11:54:18 | 000,000,092 | ---- | M] () -- \Users\Tomas\Downloads\PhotoFiltre Studio X 10.3.0 + Serial\Serial.txt
[2006/07/06 14:18:26 | 006,164,398 | ---- | M] () -- \Users\Tomas\Music\7. Oldies\VA - Disco Celebration (40 Remixed Hits of the 70s and 80s)\209_inner_city_feat._paris_grey_-_do_me_right_(serial_diva_radio_edit) [www.pctrecords.com].mp3
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/11/16 19:12:45 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014/07/02 09:30:28 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/04/11 13:05:05 | 002,804,736 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\183eaaded316165bfbd32a991e4e8c8a\System.Runtime.Serialization.ni.dll
[2014/04/11 13:05:05 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\183eaaded316165bfbd32a991e4e8c8a\System.Runtime.Serialization.ni.dll.aux
[2014/04/13 01:22:57 | 000,366,080 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\2a3ee6c1ccf3e74097ec163b273d4f92\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/04/13 01:22:57 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\2a3ee6c1ccf3e74097ec163b273d4f92\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/04/13 01:35:32 | 000,009,728 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtdf6812ee#\d7c19ec0784ce130d53d43af71a371db\System.Runtime.Serialization.Primitives.ni.dll
[2014/04/13 01:35:31 | 000,000,300 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtdf6812ee#\d7c19ec0784ce130d53d43af71a371db\System.Runtime.Serialization.Primitives.ni.dll.aux
[2014/04/11 22:38:56 | 003,530,752 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\209aa0718fe1f200de5ea360d5d4de25\System.Runtime.Serialization.ni.dll
[2014/04/11 22:38:56 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\209aa0718fe1f200de5ea360d5d4de25\System.Runtime.Serialization.ni.dll.aux
[2013/08/22 17:32:39 | 000,001,032 | ---- | M] () -- \Windows\Inf\c_multiportserial.inf
[2013/09/30 05:55:53 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/30 05:55:53 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:55:16 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/07/02 09:30:29 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/08/10 02:55:16 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/09/30 05:55:53 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/09/30 05:55:53 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014/06/24 00:12:50 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014/07/02 09:34:25 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/08/10 02:41:27 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 02:41:27 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:41:27 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 02:41:28 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 02:41:28 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:42:08 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 02:42:08 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/09/30 05:55:52 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/09/30 05:55:53 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2013/08/22 22:12:22 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.cat
[2013/08/22 21:40:12 | 000,000,781 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.mum
[2013/08/22 14:55:01 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/08/22 08:47:48 | 000,000,511 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.mum
[2011/06/10 05:43:56 | 000,073,728 | ---- | M] () -- \Windows\System32\SerialPort.dll
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\System32\serialui.dll
[2013/08/22 22:12:22 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.cat
[2013/08/22 14:55:01 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/09/30 05:55:44 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2013/09/30 05:55:39 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2013/08/22 08:57:38 | 000,001,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.inf
[2013/11/16 19:37:11 | 000,004,224 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.PNF
[2013/08/22 13:40:08 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_1be60ad3a61e5531\serial.sys
[2011/06/10 05:43:56 | 000,073,728 | ---- | M] () -- \Windows\SysWOW64\SerialPort.dll
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2013/09/30 05:55:44 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2013/09/30 05:55:39 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb\c_multiportserial.inf_loc
[2013/08/22 08:57:38 | 000,001,032 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff\c_multiportserial.inf
[2014/08/17 21:48:48 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b0eacafe7f4d1992\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_b12d926c7f1ac114\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014/08/17 21:49:15 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_b1ceee03982636a5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/09/30 05:55:44 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_3f29419cb7a1caf0\serialui.dll.mui
[2013/08/22 13:13:54 | 000,017,920 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_e5c00198f2a1c32d\serialui.dll
[2014/08/17 21:54:37 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_4e32729c2675dfcf\System.RunTime.Serialization.Resources.dll
[2013/11/16 19:12:45 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_4e753a0a26438751\System.RunTime.Serialization.Resources.dll
[2014/08/17 21:54:45 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_4f1695a13f4efce2\System.RunTime.Serialization.Resources.dll
[2013/09/30 05:55:39 | 000,009,728 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b574829120336a99\serial.sys.mui
[2013/08/22 13:40:08 | 000,083,456 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.3.9600.16384_none_e95610bc8c554aa7\serial.sys
[2013/09/30 05:55:53 | 000,113,864 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..alization.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_1da5c476c59b0e5b\System.RunTime.Serialization.resources.dll
[2013/08/10 02:41:27 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_f73c7de0bb1de286\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:41:28 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_64635c6af076b012\System.Runtime.Serialization.Primitives.dll
[2013/09/30 05:55:52 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_65f374ee29342685\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:41:27 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288\System.Runtime.Serialization.Json.dll
[2013/08/10 02:41:28 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:41:27 | 001,060,528 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba\System.Runtime.Serialization.dll
[2013/08/10 02:42:08 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399\System.Xml.Serialization.dll
[2013/08/10 02:42:08 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c\System.Xml.XmlSerializer.dll
[2014/08/17 22:05:44 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_f057a9271ce694b1\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:12:50 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_f0517be51cec2cbf\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/17 22:05:45 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_d981a48b36959176\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/17 22:09:35 | 000,000,639 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7\System.Runtime.Serialization.dll
[2014/07/02 09:34:25 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17226_none_9fc36f5a7c519dd5\System.Runtime.Serialization.dll
[2014/08/17 22:09:39 | 000,000,424 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20708_none_88f3980095fb028c\System.Runtime.Serialization.dll
[2014/08/17 22:09:44 | 000,000,639 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060\System.Runtime.Serialization.dll
[2014/07/02 09:34:24 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_da9a7c24d049986e\System.Runtime.Serialization.dll
[2014/08/17 22:09:49 | 000,000,424 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_c3caa4cae9f2fd25\System.Runtime.Serialization.dll
[2013/09/30 05:54:42 | 000,000,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.3.9600.16384_cs-cz_c3036df581d2c4e4.manifest
[2013/09/30 05:54:54 | 000,000,249 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb.manifest
[2013/08/22 17:20:14 | 000,000,210 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff.manifest
[2013/08/22 15:25:34 | 000,000,297 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.3.9600.16384_none_0273ed2980a1f589.manifest
[2013/08/22 17:22:11 | 000,001,512 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.3.9600.16384_none_26d3123b2d2a9360.manifest
[2013/08/22 17:22:07 | 000,000,110 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.3.9600.16384_none_1d7b32f2da6cfe0c.manifest
[2013/08/22 17:24:27 | 000,000,402 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288.manifest
[2013/08/22 17:24:29 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5.manifest
[2013/08/22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba.manifest
[2013/08/22 17:24:28 | 000,000,397 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399.manifest
[2013/08/22 17:24:27 | 000,000,403 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c.manifest
[2013/08/22 17:24:13 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7.manifest
[2014/08/13 17:07:43 | 000,000,404 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17226_none_9fc36f5a7c519dd5.manifest
[2014/08/13 17:07:43 | 000,000,407 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20708_none_88f3980095fb028c.manifest
[2013/08/22 17:24:13 | 000,000,416 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060.manifest
[2014/08/13 17:07:43 | 000,000,413 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_da9a7c24d049986e.manifest
[2014/08/13 17:07:43 | 000,000,415 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_c3caa4cae9f2fd25.manifest
[2013/08/22 17:24:29 | 000,000,418 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245.manifest
[2013/08/22 17:24:24 | 000,000,430 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d.manifest
[2013/08/22 17:24:13 | 000,000,400 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1.manifest
[2014/08/13 17:07:43 | 000,000,399 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff.manifest
[2014/08/13 17:07:43 | 000,000,399 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6.manifest
[2013/09/30 05:55:21 | 000,000,448 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144.manifest
[2013/09/30 05:55:20 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b.manifest
[2014/08/13 17:07:39 | 000,000,406 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17226_cs-cz_7ad5184d8b944619.manifest
[2014/08/13 17:07:39 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20708_cs-cz_640540f3a53daad0.manifest
[2013/08/22 17:24:24 | 000,000,419 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4.manifest
[2013/08/22 17:24:27 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d.manifest
[2013/08/22 17:24:13 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24.manifest
[2014/08/13 17:07:43 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732.manifest
[2014/08/13 17:07:43 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9.manifest
[2013/08/22 17:24:28 | 000,000,447 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202.manifest
[2013/08/22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755.manifest
[2013/08/22 17:24:56 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966.manifest
[2014/08/13 17:07:43 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174.manifest
[2014/08/13 17:07:43 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b.manifest
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_0dbd81c1c9e100df\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/17 22:15:56 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_63202903e7dbbda6\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_6319fbc1e7e155b4\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/17 22:15:57 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_4c4a2468018aba6b\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/30 05:55:53 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_c6e6982dc37909d8\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/08/17 22:15:58 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.16384_cs-cz_1c493f6fe173c69f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.17226_cs-cz_1c43122de1795ead\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/08/17 22:15:59 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.20708_cs-cz_05733ad3fb22c364\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d\System.Runtime.Serialization.Primitives.dll
[2014/08/17 22:16:03 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1\System.Runtime.Serialization.dll
[2014/07/02 09:30:29 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff\System.Runtime.Serialization.dll
[2014/08/17 22:16:07 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6\System.Runtime.Serialization.dll
[2013/09/30 05:55:53 | 000,113,864 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144\System.RunTime.Serialization.resources.dll
[2014/08/17 22:16:09 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b\System.RunTime.Serialization.Resources.dll
[2013/11/16 19:12:45 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17226_cs-cz_7ad5184d8b944619\System.RunTime.Serialization.Resources.dll
[2014/08/17 22:16:10 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20708_cs-cz_640540f3a53daad0\System.RunTime.Serialization.Resources.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:55:16 | 001,060,528 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d\System.Runtime.Serialization.dll
[2014/08/17 22:16:14 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24\System.Runtime.Serialization.dll
[2014/07/02 09:30:28 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732\System.Runtime.Serialization.dll
[2014/08/17 22:16:19 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9\System.Runtime.Serialization.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755\System.Xml.XmlSerializer.dll
[2014/08/17 22:48:41 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_54cc2f7ac6efa85c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_550ef6e8c6bd4fde\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/08/17 22:49:06 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_55b0527fdfc8c56f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/09/30 05:55:44 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_e30aa618ff4459ba\serialui.dll.mui
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_89a166153a4451f7\serialui.dll
[2014/08/17 23:05:30 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966\System.Runtime.Serialization.dll
[2014/07/02 09:30:28 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174\System.Runtime.Serialization.dll
[2014/08/17 23:05:40 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Files - Unicode (All) ==========
[2014/03/04 02:04:19 | 003,502,112 | ---- | M] ()(C:\Users\Tomas\Desktop\Josef? Král - Lížu píču celý den.mp3) -- C:\Users\Tomas\Desktop\Josef Král - Lížu píču celý den.mp3
[2014/03/04 02:04:18 | 003,502,112 | ---- | C] ()(C:\Users\Tomas\Desktop\Josef? Král - Lížu píču celý den.mp3) -- C:\Users\Tomas\Desktop\Josef Král - Lížu píču celý den.mp3
[2013/10/27 22:24:56 | 103,533,600 | ---- | M] ()(C:\WINDOWS\SysWow64\???oŻ) -- C:\WINDOWS\SysWow64\᯾瞎騠ŏ̅
[2013/10/27 22:24:56 | 103,533,600 | ---- | M] ()(C:\WINDOWS\System32\???oŻ) -- C:\WINDOWS\System32\᯾瞎騠ŏ̅
[2013/10/27 22:24:56 | 103,533,600 | ---- | C] ()(C:\WINDOWS\SysWow64\???oŻ) -- C:\WINDOWS\SysWow64\᯾瞎騠ŏ̅
========== Alternate Data Streams ==========
@Alternate Data Stream - 237 bytes -> C:\Users\Tomas\SkyDrive:ms-properties
< End of report >
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\WINDOWS\SysNative\hal.dll
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014/08/15 00:24:28 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
[2014/03/18 22:14:45 | 000,014,096 | ---- | M] () MD5=64D2873F32BB723BFFF3F8895032AA35 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll
[2014/04/14 09:58:44 | 000,066,843 | ---- | M] () MD5=D714202F057A317C8E31776EBEA0AEA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16500_none_9c39d4b32d63f333\hal.dll
< MD5 for: IASTORV.SYS >
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2014/04/14 00:44:05 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_1758c63a7f3ec2bf\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys
< MD5 for: LSASS.EXE >
[2013/08/22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\WINDOWS\SysNative\lsass.exe
[2013/08/22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe
< MD5 for: NDIS.SYS >
[2013/11/24 12:16:30 | 000,123,655 | ---- | M] () MD5=17F1BC1A73EECEA6394EFA770B41DDD3 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16405_none_4a6b5fcffbc14927\ndis.sys
[2014/02/18 13:05:06 | 000,046,734 | ---- | M] () MD5=68A9BA38BB275850F91165D1C1FCA8DA -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16408_none_4a6e60adfbbe952c\ndis.sys
[2014/04/14 10:12:12 | 000,140,607 | ---- | M] () MD5=7B886741BDAE33AC4F116DF991D1E3CB -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16475_none_4a1fb05bfbfa0cbe\ndis.sys
[2014/02/22 17:40:03 | 001,118,552 | ---- | M] (Microsoft Corporation) MD5=F21B77B4D74092A543807D3CEB711A88 -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2014/02/22 17:40:03 | 001,118,552 | ---- | M] (Microsoft Corporation) MD5=F21B77B4D74092A543807D3CEB711A88 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys
< MD5 for: NETLOGON.DLL >
[2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) MD5=2468C21E34C49E4735B4BA430D448E91 -- C:\WINDOWS\SysNative\netlogon.dll
[2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) MD5=2468C21E34C49E4735B4BA430D448E91 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2014/04/23 20:10:00 | 000,058,552 | ---- | M] () MD5=35048C9600694C3BF01D644D1AAE62BE -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2014/03/06 08:29:17 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=582918F96C2B7E1E3AE17D08DB6DAC41 -- C:\Windows\SysWOW64\netlogon.dll
[2014/03/06 08:29:17 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=582918F96C2B7E1E3AE17D08DB6DAC41 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2014/04/18 17:11:48 | 000,108,975 | ---- | M] () MD5=D817ED82C2A0E1CED9B396826F52F7CB -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll
< MD5 for: NVRAID.SYS >
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys
< MD5 for: SCECLI.DLL >
[2013/08/22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\SysWOW64\scecli.dll
[2013/08/22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2013/08/22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\WINDOWS\SysNative\scecli.dll
[2013/08/22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll
< MD5 for: SMSS.EXE >
[2014/04/18 17:20:48 | 000,019,120 | ---- | M] () MD5=5FBA1F5F9AA1E09595F015118AE83A36 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\WINDOWS\SysNative\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe
< MD5 for: SVCHOST.EXE >
[2013/08/22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\SysWOW64\svchost.exe
[2013/08/22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2013/08/22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\SysNative\svchost.exe
[2013/08/22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
< MD5 for: TCPIP.SYS >
[2014/02/18 13:07:14 | 000,210,441 | ---- | M] () MD5=01941724D120729E2B680B22F05D4123 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2014/03/14 10:53:05 | 000,271,861 | ---- | M] () MD5=2102610D6FD1D928A3D7155077A78B82 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2014/05/27 17:53:12 | 002,518,360 | ---- | M] (Microsoft Corporation) MD5=25AC0B50A71938890970E1508F107196 -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014/05/27 17:53:12 | 002,518,360 | ---- | M] (Microsoft Corporation) MD5=25AC0B50A71938890970E1508F107196 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
[2014/04/19 11:01:04 | 000,481,295 | ---- | M] () MD5=2F83A7537A9B8CF98E6B4710A3E3D381 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2014/08/17 21:54:09 | 000,223,198 | ---- | M] () MD5=889B53B7C56665B0277CC00EF4051DE4 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17085_none_a3dd562d3a5c82ed\tcpip.sys
[2014/08/17 21:54:18 | 000,225,256 | ---- | M] () MD5=A8DBD4B1BA356AA5C05F858E40FD0B08 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17088_none_a3e0570b3a59cef2\tcpip.sys
[2013/11/24 12:20:41 | 000,250,257 | ---- | M] () MD5=D051052CB1A286833805C2E0F7710F85 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16408_none_a436f4cb3a18ca65\tcpip.sys
[2014/06/22 18:29:01 | 000,231,862 | ---- | M] () MD5=DC0CC6B2E43738CBF51E96EA3AB7A223 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys
< MD5 for: USERINIT.EXE >
[2013/08/22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\SysNative\userinit.exe
[2013/08/22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013/08/22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013/08/22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
< MD5 for: WINLOGON.EXE >
[2014/02/22 11:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/02/22 11:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014/04/21 14:35:43 | 000,089,459 | ---- | M] () MD5=E40DC8DF924E02F04F3620DBAC1ACE31 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
< MD5 for: WS2_32.DLL >
[2013/08/22 07:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\SysWOW64\ws2_32.dll
[2013/08/22 07:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2013/08/22 15:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\WINDOWS\SysNative\ws2_32.dll
[2013/08/22 15:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[5 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[20 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014/01/19 15:19:53 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Adobe
[2013/11/22 21:27:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Atheros
[2013/01/24 17:08:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\ATI
[2013/01/29 10:45:44 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\AudioTuner
[2013/03/27 22:45:12 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Avira
[2014/08/14 17:50:36 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Avnex
[2013/02/10 21:44:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Brain Workshop
[2013/09/27 18:14:09 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\BSW
[2013/10/17 19:50:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\bwincom
[2013/07/10 19:48:08 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\calibre
[2013/10/17 19:50:55 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\cef-cache
[2013/04/27 14:21:32 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\com.bitcasa.Bitcasa
[2014/02/10 01:14:59 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2014/09/05 23:47:04 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Dropbox
[2013/02/04 20:49:08 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Easy File Share
[2014/08/04 12:10:29 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\FLEXnet
[2014/05/14 18:33:23 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\FlowStone
[2013/11/16 20:17:19 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Identities
[2014/05/14 18:33:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Image-Line
[2014/08/25 20:40:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\IrfanView
[2013/07/10 19:34:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\IsolatedStorage
[2013/01/24 18:18:50 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Macromedia
[2014/01/16 00:45:47 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\MAGIX
[2013/02/03 01:25:43 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\MetroTwit
[2014/08/04 12:03:32 | 000,000,000 | --SD | M] -- C:\Users\Tomas\AppData\Roaming\Microsoft
[2014/09/03 18:42:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\MiniLyrics
[2013/01/24 18:53:25 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Mozilla
[2013/02/03 21:41:09 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\NeoDownloader
[2014/06/27 17:42:01 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\OBS
[2013/01/27 12:30:11 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Opera
[2014/08/25 20:40:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\PhotoFiltre Studio X
[2014/09/06 01:29:26 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Skype
[2014/09/05 08:52:24 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\uTorrent
[2013/05/20 21:16:08 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\vlc
[2014/08/04 12:00:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Vodafone
[2014/08/25 20:40:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Winamp
[2013/01/27 16:46:48 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2014/07/30 02:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014/07/30 02:25:24 | 000,262,160 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014/07/30 02:22:12 | 000,225,224 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013/02/24 18:22:54 | 000,029,926 | R--- | M] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Installer\{5EB90C06-964F-4195-B83E-BD7E55C88415}\ARPPRODUCTICON.exe
[2013/11/17 21:54:07 | 000,010,134 | R--- | M] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Installer\{61F0224D-A87E-BEDF-BC48-B5761FCD65DD}\ARPPRODUCTICON.exe
[2014/08/04 20:18:43 | 001,329,744 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe
[2014/02/10 01:09:38 | 000,905,296 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.3.2_30488.exe
[2014/04/08 23:32:22 | 001,268,816 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.4.1_30740.exe
[2014/04/25 23:36:00 | 001,266,520 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
[2014/05/30 22:00:42 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014/06/11 20:12:18 | 001,267,536 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.4.1_31395.exe
[2014/07/02 21:00:25 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe
[2014/08/04 20:18:13 | 001,329,744 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\updates\3.4.2_32239.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2013/08/22 04:44:29 | 000,515,584 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\FirewallAPI.dll
[2014/07/25 13:03:13 | 011,772,928 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2013/08/22 05:12:13 | 000,116,736 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2013/08/22 04:44:29 | 000,515,584 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\FirewallAPI.dll
[2014/07/25 13:03:13 | 011,772,928 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2013/08/22 05:12:13 | 000,116,736 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AppEx Accelerator UI" = C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe -h -- [2012/05/22 15:12:40 | 001,000,288 | ---- | M] (AppEx Networks Corporation)
"Quick Starter" = C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe -- [2014/04/29 11:00:28 | 002,358,064 | ---- | M] (Samsung Electronics CO., LTD.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/09/06 00:43:39 | 000,000,512 | ---- | M] () MD5=6425611A4178CF6924A360E1E3EE3C7A -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2013/03/12 12:47:38 | 000,007,624 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Data\Patches\Packs\Drums\Percussion\FPC Ice Crack.wav
[2012/10/02 10:41:48 | 000,000,400 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Data\Patches\Plugin presets\Generators\Drumpad\Sound FX\Crack.fst
[2008/09/08 22:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch
[2012/08/08 11:29:29 | 000,004,076 | ---- | M] () -- \Program Files\WindowsApps\ENFEEL.Birzzle_1.0.0.46_x64__x6zre6nb2hma6\ice_block_crack_RETINA.plist
[2012/08/08 11:29:29 | 000,034,726 | ---- | M] () -- \Program Files\WindowsApps\ENFEEL.Birzzle_1.0.0.46_x64__x6zre6nb2hma6\ice_block_crack_RETINA.png
[2012/08/08 11:29:29 | 000,046,538 | ---- | M] () -- \Program Files\WindowsApps\ENFEEL.Birzzle_1.0.0.46_x64__x6zre6nb2hma6\ice_break_crack.wav
[2013/11/17 23:18:21 | 000,023,487 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe\Assets\Episode1\Data\Scenes\Canyon\WallCrackZoom.xml
[2013/04/02 23:00:17 | 000,079,559 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe\Assets\Episode2\Data\Scenes\CrackedWall\CrackedWall.xml
[2013/11/17 23:18:24 | 000,005,094 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe\Assets\Episode3\Data\Scenes\StoneCocoonChamber\FloorCrackZoom.xml
[2014/01/02 23:04:27 | 000,001,004 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.aircrack-ng.org%2Fresources%2Ffavicon.png
[2014/01/19 14:38:44 | 000,019,332 | ---- | M] () -- \Users\Tomas\AppData\Roaming\uTorrent\Adobe Audition 3.0+Crack [GR420].torrent
[2014/08/14 17:44:35 | 000,005,828 | ---- | M] () -- \Users\Tomas\AppData\Roaming\uTorrent\Audio4Fun AV Voice Changer Diamond 7.0.29 + Crack [RH].torrent
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Users\Tomas\Documents\Image-Line\Data\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2014/01/19 14:42:05 | 003,504,601 | ---- | M] () -- \Users\Tomas\Downloads\Adobe Audition 3.0+Crack [GR420]\ADOBE AUDITION 3.0\CRACK.rar
[2011/01/21 14:15:54 | 003,449,711 | ---- | M] () -- \Users\Tomas\Music\3. Soundtracks\Soundtrack - Misfits\Misfits S02 OST (2010)\42 - 2x06 - Tchaikovsky - Dance of the Sugar Plum Fairy (The Nutcracker).mp3
[2014/04/21 12:14:32 | 009,808,348 | ---- | M] () -- \Users\Tomas\Music\6. Dubstep\201 Best Dubstep Songs & Remixes\08 Cracks (Flux Pavillion Remix) [fe.m4a
[2014/08/04 21:52:22 | 004,498,234 | ---- | M] () -- \Users\Tomas\Music\Download\Circle Of Alchemists - Crack Of Dawn (Instrumental).mp3
[2009/11/05 13:51:36 | 006,476,924 | ---- | M] () -- \Users\Tomas\Music\Others\Meditation\Muz relax\The Sound Of DESERT\09. Cracked Land.mp3
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2013/08/12 08:11:10 | 000,002,281 | ---- | M] () -- \FRST\Quarantine\C\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_YTD Video Downloader\YTD Video Downloader.lnk
[2013/02/03 20:41:56 | 001,795,373 | ---- | M] () -- \Instal\picdownloader.exe
[2014/08/12 21:01:04 | 000,044,112 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2014/08/12 21:01:05 | 000,494,672 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2014/08/12 21:01:05 | 000,192,592 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[2014/03/02 18:48:08 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013/11/23 21:54:48 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013/03/05 08:29:10 | 000,001,706 | ---- | M] () -- \Program Files (x86)\MiniLyrics\Skins\Metal\iPodLyricsDownloader.java
[2013/04/29 15:19:12 | 000,007,217 | ---- | M] () -- \Program Files (x86)\MiniLyrics\Skins\Metal\iPodLyricsDownloader.xml
[2013/03/05 08:29:10 | 000,000,462 | ---- | M] () -- \Program Files (x86)\MiniLyrics\Skins\Metal\iPodLyricsDownloader_theme.xml
[2013/04/29 15:19:12 | 000,004,840 | ---- | M] () -- \Program Files (x86)\MiniLyrics\Skins\MiniLyrics\iPodLyricsDownloader.xml
[2013/03/05 08:29:10 | 000,000,462 | ---- | M] () -- \Program Files (x86)\MiniLyrics\Skins\MiniLyrics\iPodLyricsDownloader_theme.xml
[2008/09/04 02:13:56 | 000,486,216 | ---- | M] () -- \Program Files (x86)\Pinnacle\Studio 12 Ultimate Plugins\Vitascene\current\imageloader10x1.dll
[2008/02/25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2014/05/25 21:36:31 | 000,017,128 | ---- | M] () -- \Program Files\Microsoft Office 15\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\15.0.0.0__71E9BCE111E9429C\Microsoft.Office.Infopath.CLRLoader.dll
[2014/02/19 15:41:55 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.309_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2013/09/30 05:58:35 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013/09/30 05:58:35 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013/09/30 05:58:35 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013/09/30 06:00:17 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/06/06 17:50:00 | 000,499,712 | R--- | M] () -- \Program Files\WinZip\adxloader.dll
[2013/06/06 17:50:00 | 000,000,348 | ---- | M] () -- \Program Files\WinZip\adxloader.dll.manifest
[2013/06/06 17:50:00 | 000,704,000 | R--- | M] () -- \Program Files\WinZip\adxloader64.dll
[2013/05/19 18:10:49 | 000,001,139 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\MiniLyrics\iPod Lyrics Downloader.lnk
[2014/08/30 13:35:32 | 000,002,261 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2013/10/16 05:13:26 | 000,000,857 | ---- | M] () -- \Programs\bwincom\bwincomPoker\preloader.html
[2013/10/16 05:14:06 | 000,003,415 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Images\loader.gif
[2013/10/16 05:14:12 | 000,002,086 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Images\rounded_loader.gif
[2013/10/16 05:13:52 | 000,005,567 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Images\OneClickLobby\loader.gif
[2013/10/16 05:13:52 | 000,001,863 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Images\OneClickLobby\preloader.swf
[2013/09/16 16:00:22 | 000,021,421 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Uninstall\Preloader.jpg
[2013/10/17 19:48:50 | 000,007,277 | ---- | M] () -- \Programs\bwincom\SmartUpgrader\Preloader.jpg
[2013/10/17 19:48:50 | 000,004,416 | ---- | M] () -- \Programs\bwincom\SmartUpgrader\PreloaderIEImage.JPG
[2013/05/19 18:10:49 | 000,001,139 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\MiniLyrics\iPod Lyrics Downloader.lnk
[2014/08/30 13:35:32 | 000,002,261 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2014/08/30 13:35:32 | 000,001,305 | ---- | M] () -- \Users\Public\Desktop\YTD Video Downloader.lnk
[2014/08/31 11:57:52 | 000,018,544 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows\INetCache\IE\DBZ5MTMN\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js
[2014/08/31 11:57:52 | 000,001,980 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows\INetCache\IE\UVLBJWGB\AdLoader[1].htm
[2014/01/15 20:54:44 | 000,000,142 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.freeradiojingles.co.uk%2Fwp-content%2Fplugins%2Fgenesis-favicon-uploader%2Ffavicons%2Ffavicon.png
[2013/02/03 21:41:34 | 000,000,662 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.neodownloader.com%2Ffavicon.png
[2013/08/12 08:10:06 | 000,000,749 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.youtubedownloadersite.com%2Ffavicon.png
[2014/08/30 13:36:03 | 000,000,749 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.ytddownloader.com%2Ffavicon.png
[2014/07/01 11:46:16 | 000,072,638 | ---- | M] () -- \Users\Tomas\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/07/01 11:46:16 | 000,003,032 | ---- | M] () -- \Users\Tomas\AppData\Local\Skype\Apps\login\images\loader.png
[2014/07/01 11:46:16 | 000,006,012 | ---- | M] () -- \Users\Tomas\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/07/01 11:46:16 | 000,021,956 | ---- | M] () -- \Users\Tomas\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/07/01 11:46:16 | 000,009,772 | ---- | M] () -- \Users\Tomas\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2009/04/13 10:06:14 | 000,002,274 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\AppLoader$1.class
[2013/05/05 12:00:10 | 000,001,342 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\AppLoader$ChangeBoardWorker.class
[2013/05/05 12:00:10 | 000,001,360 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\AppLoader$ComponentChange.class
[2013/05/05 12:00:10 | 000,006,540 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\AppLoader$PanelChangeWorker.class
[2013/05/05 12:00:10 | 000,001,178 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\AppLoader$Worker.class
[2013/05/05 12:00:10 | 000,012,097 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\AppLoader.class
[2013/05/05 11:59:53 | 000,010,340 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\ClientLoader.class
[2013/05/05 11:59:47 | 000,007,271 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\PropFileLoader.class
[2010/01/15 12:54:20 | 000,002,542 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\StarterClassLoader.class
[2009/04/13 10:06:14 | 000,000,739 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\mod\ClientModLoader.class
[2013/05/05 11:59:54 | 000,002,657 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\tools\ToolLoader.class
[2009/04/27 23:10:16 | 000,001,174 | ---- | M] () -- \Users\Tomas\AppData\Roaming\BSW\de\brettspielwelt\client\vampire\VampireLoader.class
[2012/11/19 23:15:42 | 000,000,847 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img\ajax-loader.gif
[2012/11/19 23:15:42 | 000,001,135 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img\loader-icon.png
[2012/11/19 23:15:42 | 000,003,208 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img\loader.gif
[2012/11/19 23:15:42 | 000,001,849 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2006/05/05 16:28:58 | 000,000,291 | ---- | M] () -- \Users\Tomas\Škola\DP\Nova_1297\Nova_1297\loader32.dsp
[2014/05/25 21:46:50 | 000,103,936 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.O29577370#\387b2803b331041dcf503ba9ea9ce6b6\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2014/05/25 21:46:50 | 000,000,696 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.O29577370#\387b2803b331041dcf503ba9ea9ce6b6\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2014/05/25 21:46:32 | 000,017,128 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.CLRLoader.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2014/04/14 00:45:10 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2014/04/14 00:45:07 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2014/04/14 00:45:25 | 000,598,463 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.efi
[2014/04/14 00:45:22 | 000,542,292 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.exe
[2014/04/14 00:45:41 | 000,598,454 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.efi
[2014/04/14 00:45:37 | 000,542,288 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.exe
[2013/08/22 13:21:30 | 000,046,592 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2013/08/22 15:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 13:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 13:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 13:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 13:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 13:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 13:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2014/04/10 16:09:49 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2014/04/25 09:26:23 | 000,009,588 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.efi.mui_35ee487d
[2014/04/25 09:26:24 | 000,009,604 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.exe.mui_3bc5b827
[2014/04/25 09:26:24 | 000,007,885 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.efi.mui_f412814e
[2014/04/25 09:26:24 | 000,007,900 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.exe.mui_ff8b5358
[2014/04/10 16:10:15 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2014/04/25 09:26:31 | 000,724,144 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e_winload.efi_75834aa0
[2014/04/25 09:26:34 | 000,660,345 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e_winload.exe_75835076
[2014/04/25 09:26:36 | 000,646,217 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e_winresume.efi_85cd069f
[2014/04/25 09:26:39 | 000,586,798 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e_winresume.exe_85cd1215
[2013/08/22 17:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013/09/30 05:55:13 | 000,000,463 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089.manifest
[2014/04/09 20:10:32 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2013/08/22 17:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2013/09/30 06:06:25 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2013/09/30 06:08:41 | 000,000,546 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3.manifest
[2013/12/15 18:52:30 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2014/04/09 20:10:34 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
[2013/01/27 23:10:53 | 000,000,161 | ---- | M] () -- \Windows\AutoKMS.ini
< *activator* /s >
[2013/01/27 16:42:28 | 000,000,738 | ---- | M] () -- \Users\Tomas\AppData\Roaming\uTorrent\Microsoft Office 2010 Activator - Any version [VerifiedFiles].torrent
< *serial* /s >
[2013/02/10 13:55:43 | 019,920,192 | ---- | M] () -- \Instal\Total Video Converter HD v3.71 + Serials [ChattChitto RG]\Total Video Converter HD v3.71 + Serials [ChattChitto RG].exe
[2003/10/09 07:11:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Generators\Sytrus\Artwork\DelSerialCache.bmp
[2014/05/13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014/07/25 17:18:59 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014/07/02 09:30:28 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/05/25 21:34:37 | 000,167,616 | ---- | M] () -- \Program Files\Microsoft Office 15\root\office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.BackEnd.XmlSerializers.dll
[2014/05/25 21:33:32 | 000,210,112 | ---- | M] () -- \Program Files\Microsoft Office 15\root\office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.Common.FrontEnd.XmlSerializers.dll
[2014/05/13 23:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014/07/25 17:19:48 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014/07/02 09:34:24 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/11/16 19:12:45 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008/04/15 12:20:56 | 000,079,120 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\HfxSerial.exe
[2008/04/15 12:39:48 | 000,010,000 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-CHS.dll
[2008/04/15 12:39:48 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-DEU.dll
[2008/04/15 12:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ESP.dll
[2008/04/15 12:39:48 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-FRA.dll
[2008/04/15 12:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ITA.dll
[2008/04/15 12:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-JPN.dll
[2008/04/15 12:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-KOR.dll
[2008/04/15 12:39:48 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-NLD.dll
[2014/08/19 23:05:25 | 000,000,201 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fsledovatserialyonline.blogspot.cz%2Ffavicon.png
[2013/08/03 21:58:24 | 000,000,878 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialovysvet.cz%2Fimages%2Ffavicon.png
[2014/08/19 22:56:18 | 000,000,339 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialycz.cz%2Fwp-content%2Fthemes%2Farras%2Fimages%2Ffavicon.png
[2013/05/22 22:43:07 | 000,000,673 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialycz.cz%2Fwp-content%2Fuploads%2Ffavicon1.png
[2013/07/30 10:02:12 | 000,000,581 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2013/03/17 23:24:04 | 000,000,544 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.sledujuserialy.cz%2Ffavicon.png
[2013/05/15 23:43:27 | 000,000,628 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.topserialyonline.cz%2Ftemplates%2Frt_metropolis%2Ffavicon.png
[2013/02/07 13:55:37 | 000,000,307 | ---- | M] () -- \Users\Tomas\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.tvserialsonline.com%2Ffavicon.png
[2013/08/12 11:53:42 | 000,003,641 | ---- | M] () -- \Users\Tomas\AppData\Roaming\uTorrent\PhotoFiltre Studio X 10.3.0 + Serial.torrent
[2013/02/10 13:53:15 | 000,006,402 | ---- | M] () -- \Users\Tomas\AppData\Roaming\uTorrent\Total Video Converter HD v3.71 + Serials [ChattChitto RG].torrent
[2013/08/12 11:54:18 | 000,000,092 | ---- | M] () -- \Users\Tomas\Downloads\PhotoFiltre Studio X 10.3.0 + Serial\Serial.txt
[2006/07/06 14:18:26 | 006,164,398 | ---- | M] () -- \Users\Tomas\Music\7. Oldies\VA - Disco Celebration (40 Remixed Hits of the 70s and 80s)\209_inner_city_feat._paris_grey_-_do_me_right_(serial_diva_radio_edit) [www.pctrecords.com].mp3
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/11/16 19:12:45 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014/07/02 09:30:28 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/04/11 13:05:05 | 002,804,736 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\183eaaded316165bfbd32a991e4e8c8a\System.Runtime.Serialization.ni.dll
[2014/04/11 13:05:05 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\183eaaded316165bfbd32a991e4e8c8a\System.Runtime.Serialization.ni.dll.aux
[2014/04/13 01:22:57 | 000,366,080 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\2a3ee6c1ccf3e74097ec163b273d4f92\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/04/13 01:22:57 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\2a3ee6c1ccf3e74097ec163b273d4f92\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/04/13 01:35:32 | 000,009,728 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtdf6812ee#\d7c19ec0784ce130d53d43af71a371db\System.Runtime.Serialization.Primitives.ni.dll
[2014/04/13 01:35:31 | 000,000,300 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtdf6812ee#\d7c19ec0784ce130d53d43af71a371db\System.Runtime.Serialization.Primitives.ni.dll.aux
[2014/04/11 22:38:56 | 003,530,752 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\209aa0718fe1f200de5ea360d5d4de25\System.Runtime.Serialization.ni.dll
[2014/04/11 22:38:56 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\209aa0718fe1f200de5ea360d5d4de25\System.Runtime.Serialization.ni.dll.aux
[2013/08/22 17:32:39 | 000,001,032 | ---- | M] () -- \Windows\Inf\c_multiportserial.inf
[2013/09/30 05:55:53 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/30 05:55:53 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:55:16 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/07/02 09:30:29 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/08/10 02:55:16 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/09/30 05:55:53 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/09/30 05:55:53 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014/06/24 00:12:50 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014/07/02 09:34:25 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/08/10 02:41:27 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 02:41:27 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:41:27 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 02:41:28 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 02:41:28 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:42:08 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 02:42:08 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/09/30 05:55:52 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/09/30 05:55:53 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2013/08/22 22:12:22 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.cat
[2013/08/22 21:40:12 | 000,000,781 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.mum
[2013/08/22 14:55:01 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/08/22 08:47:48 | 000,000,511 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.mum
[2011/06/10 05:43:56 | 000,073,728 | ---- | M] () -- \Windows\System32\SerialPort.dll
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\System32\serialui.dll
[2013/08/22 22:12:22 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.cat
[2013/08/22 14:55:01 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/09/30 05:55:44 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2013/09/30 05:55:39 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2013/08/22 08:57:38 | 000,001,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.inf
[2013/11/16 19:37:11 | 000,004,224 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.PNF
[2013/08/22 13:40:08 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_1be60ad3a61e5531\serial.sys
[2011/06/10 05:43:56 | 000,073,728 | ---- | M] () -- \Windows\SysWOW64\SerialPort.dll
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2013/09/30 05:55:44 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2013/09/30 05:55:39 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb\c_multiportserial.inf_loc
[2013/08/22 08:57:38 | 000,001,032 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff\c_multiportserial.inf
[2014/08/17 21:48:48 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b0eacafe7f4d1992\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_b12d926c7f1ac114\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014/08/17 21:49:15 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_b1ceee03982636a5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/09/30 05:55:44 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_3f29419cb7a1caf0\serialui.dll.mui
[2013/08/22 13:13:54 | 000,017,920 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_e5c00198f2a1c32d\serialui.dll
[2014/08/17 21:54:37 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_4e32729c2675dfcf\System.RunTime.Serialization.Resources.dll
[2013/11/16 19:12:45 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_4e753a0a26438751\System.RunTime.Serialization.Resources.dll
[2014/08/17 21:54:45 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_4f1695a13f4efce2\System.RunTime.Serialization.Resources.dll
[2013/09/30 05:55:39 | 000,009,728 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b574829120336a99\serial.sys.mui
[2013/08/22 13:40:08 | 000,083,456 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.3.9600.16384_none_e95610bc8c554aa7\serial.sys
[2013/09/30 05:55:53 | 000,113,864 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..alization.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_1da5c476c59b0e5b\System.RunTime.Serialization.resources.dll
[2013/08/10 02:41:27 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_f73c7de0bb1de286\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:41:28 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_64635c6af076b012\System.Runtime.Serialization.Primitives.dll
[2013/09/30 05:55:52 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_65f374ee29342685\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:41:27 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288\System.Runtime.Serialization.Json.dll
[2013/08/10 02:41:28 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:41:27 | 001,060,528 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba\System.Runtime.Serialization.dll
[2013/08/10 02:42:08 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399\System.Xml.Serialization.dll
[2013/08/10 02:42:08 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c\System.Xml.XmlSerializer.dll
[2014/08/17 22:05:44 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_f057a9271ce694b1\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:12:50 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_f0517be51cec2cbf\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/17 22:05:45 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_d981a48b36959176\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/17 22:09:35 | 000,000,639 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7\System.Runtime.Serialization.dll
[2014/07/02 09:34:25 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17226_none_9fc36f5a7c519dd5\System.Runtime.Serialization.dll
[2014/08/17 22:09:39 | 000,000,424 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20708_none_88f3980095fb028c\System.Runtime.Serialization.dll
[2014/08/17 22:09:44 | 000,000,639 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060\System.Runtime.Serialization.dll
[2014/07/02 09:34:24 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_da9a7c24d049986e\System.Runtime.Serialization.dll
[2014/08/17 22:09:49 | 000,000,424 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_c3caa4cae9f2fd25\System.Runtime.Serialization.dll
[2013/09/30 05:54:42 | 000,000,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.3.9600.16384_cs-cz_c3036df581d2c4e4.manifest
[2013/09/30 05:54:54 | 000,000,249 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb.manifest
[2013/08/22 17:20:14 | 000,000,210 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff.manifest
[2013/08/22 15:25:34 | 000,000,297 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.3.9600.16384_none_0273ed2980a1f589.manifest
[2013/08/22 17:22:11 | 000,001,512 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.3.9600.16384_none_26d3123b2d2a9360.manifest
[2013/08/22 17:22:07 | 000,000,110 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.3.9600.16384_none_1d7b32f2da6cfe0c.manifest
[2013/08/22 17:24:27 | 000,000,402 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288.manifest
[2013/08/22 17:24:29 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5.manifest
[2013/08/22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba.manifest
[2013/08/22 17:24:28 | 000,000,397 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399.manifest
[2013/08/22 17:24:27 | 000,000,403 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c.manifest
[2013/08/22 17:24:13 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7.manifest
[2014/08/13 17:07:43 | 000,000,404 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17226_none_9fc36f5a7c519dd5.manifest
[2014/08/13 17:07:43 | 000,000,407 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20708_none_88f3980095fb028c.manifest
[2013/08/22 17:24:13 | 000,000,416 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060.manifest
[2014/08/13 17:07:43 | 000,000,413 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_da9a7c24d049986e.manifest
[2014/08/13 17:07:43 | 000,000,415 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_c3caa4cae9f2fd25.manifest
[2013/08/22 17:24:29 | 000,000,418 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245.manifest
[2013/08/22 17:24:24 | 000,000,430 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d.manifest
[2013/08/22 17:24:13 | 000,000,400 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1.manifest
[2014/08/13 17:07:43 | 000,000,399 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff.manifest
[2014/08/13 17:07:43 | 000,000,399 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6.manifest
[2013/09/30 05:55:21 | 000,000,448 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144.manifest
[2013/09/30 05:55:20 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b.manifest
[2014/08/13 17:07:39 | 000,000,406 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17226_cs-cz_7ad5184d8b944619.manifest
[2014/08/13 17:07:39 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20708_cs-cz_640540f3a53daad0.manifest
[2013/08/22 17:24:24 | 000,000,419 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4.manifest
[2013/08/22 17:24:27 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d.manifest
[2013/08/22 17:24:13 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24.manifest
[2014/08/13 17:07:43 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732.manifest
[2014/08/13 17:07:43 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9.manifest
[2013/08/22 17:24:28 | 000,000,447 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202.manifest
[2013/08/22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755.manifest
[2013/08/22 17:24:56 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966.manifest
[2014/08/13 17:07:43 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174.manifest
[2014/08/13 17:07:43 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b.manifest
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_0dbd81c1c9e100df\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/17 22:15:56 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_63202903e7dbbda6\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_6319fbc1e7e155b4\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/17 22:15:57 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_4c4a2468018aba6b\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/30 05:55:53 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_c6e6982dc37909d8\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/08/17 22:15:58 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.16384_cs-cz_1c493f6fe173c69f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.17226_cs-cz_1c43122de1795ead\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/08/17 22:15:59 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.20708_cs-cz_05733ad3fb22c364\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d\System.Runtime.Serialization.Primitives.dll
[2014/08/17 22:16:03 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1\System.Runtime.Serialization.dll
[2014/07/02 09:30:29 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff\System.Runtime.Serialization.dll
[2014/08/17 22:16:07 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6\System.Runtime.Serialization.dll
[2013/09/30 05:55:53 | 000,113,864 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144\System.RunTime.Serialization.resources.dll
[2014/08/17 22:16:09 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b\System.RunTime.Serialization.Resources.dll
[2013/11/16 19:12:45 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17226_cs-cz_7ad5184d8b944619\System.RunTime.Serialization.Resources.dll
[2014/08/17 22:16:10 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20708_cs-cz_640540f3a53daad0\System.RunTime.Serialization.Resources.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:55:16 | 001,060,528 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d\System.Runtime.Serialization.dll
[2014/08/17 22:16:14 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24\System.Runtime.Serialization.dll
[2014/07/02 09:30:28 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732\System.Runtime.Serialization.dll
[2014/08/17 22:16:19 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9\System.Runtime.Serialization.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755\System.Xml.XmlSerializer.dll
[2014/08/17 22:48:41 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_54cc2f7ac6efa85c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_550ef6e8c6bd4fde\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/08/17 22:49:06 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_55b0527fdfc8c56f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/09/30 05:55:44 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_e30aa618ff4459ba\serialui.dll.mui
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_89a166153a4451f7\serialui.dll
[2014/08/17 23:05:30 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966\System.Runtime.Serialization.dll
[2014/07/02 09:30:28 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174\System.Runtime.Serialization.dll
[2014/08/17 23:05:40 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Files - Unicode (All) ==========
[2014/03/04 02:04:19 | 003,502,112 | ---- | M] ()(C:\Users\Tomas\Desktop\Josef? Král - Lížu píču celý den.mp3) -- C:\Users\Tomas\Desktop\Josef Král - Lížu píču celý den.mp3
[2014/03/04 02:04:18 | 003,502,112 | ---- | C] ()(C:\Users\Tomas\Desktop\Josef? Král - Lížu píču celý den.mp3) -- C:\Users\Tomas\Desktop\Josef Král - Lížu píču celý den.mp3
[2013/10/27 22:24:56 | 103,533,600 | ---- | M] ()(C:\WINDOWS\SysWow64\???oŻ) -- C:\WINDOWS\SysWow64\᯾瞎騠ŏ̅
[2013/10/27 22:24:56 | 103,533,600 | ---- | M] ()(C:\WINDOWS\System32\???oŻ) -- C:\WINDOWS\System32\᯾瞎騠ŏ̅
[2013/10/27 22:24:56 | 103,533,600 | ---- | C] ()(C:\WINDOWS\SysWow64\???oŻ) -- C:\WINDOWS\SysWow64\᯾瞎騠ŏ̅
========== Alternate Data Streams ==========
@Alternate Data Stream - 237 bytes -> C:\Users\Tomas\SkyDrive:ms-properties
< End of report >
Re: preventivka
OTL Extras logfile created on: 6. 9. 2014 0:41:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tomas\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy
3,48 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,51% Memory free
4,48 Gb Paging File | 2,18 Gb Available in Paging File | 48,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442,19 Gb Total Space | 251,50 Gb Free Space | 56,88% Space Free | Partition Type: NTFS
Computer Name: TOM | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D636435-83CD-41CD-8352-F22E14048CA8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{1342D761-A180-4BF2-B2BF-AAE250E99A97}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1467B12F-1D0E-44ED-9980-917E652D6FEF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D9EE142-F556-4881-8AC1-D7DFF62E89D2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{240DE441-DABA-41EB-B166-842AF86F4FE5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{255FE090-5948-469A-B9B0-F7879C37845E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{30918FCF-9785-495A-A1A4-02BA33ED90FB}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{427395E3-017E-40D8-8F19-DE14F826C9C2}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{77136BA4-9402-49C9-B319-FE8900AA0437}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{C21F439F-A006-41F0-9032-342859E568E5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C7F7354F-3E02-42E7-B95F-169DCDE4E961}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{DE8BB182-8EE0-4D49-9F4A-0C19F30D6E55}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E347D704-DCA5-456D-BBA2-79A002487779}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FA173CAE-8691-4161-8C39-A4023C3285FD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02CFB154-A34B-4626-BD3B-5464ABCB20E4}" = dir=out | name=@{microsoft.bingnews_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{0336B611-05F9-4D9A-A337-7EE9794E7F5F}" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\utorrent\utorrent.exe |
"{05612F3A-EE1D-47C3-A19E-F96315E20A94}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{07AF2AC3-58B6-4557-B0EE-A506C789726A}" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\utorrent\utorrent.exe |
"{081FCC25-AC61-4F23-B97C-7CD67382C3E1}" = protocol=6 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\sambc.exe |
"{08E9F997-7160-4F80-9643-0F118CD22857}" = dir=out | name=norton studio |
"{0A84E252-11D7-4EEC-B7ED-31AE73D7187A}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe |
"{0C338F72-3207-4519-B666-88FDBEF9B7C6}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{11F056DF-3B78-4580-9459-32F230A466FC}" = dir=in | name=the gunstringer |
"{13A375CB-72D1-4C0A-98F1-37328B88FCE2}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{18F5DF26-1994-4B1A-A393-3C4266E804C0}" = dir=out | name=adera |
"{1A372CE4-21F0-47D7-9DE6-39377A11D22A}" = dir=out | name=f5 vpn |
"{1DFA7388-DCA2-4DE0-ACF9-315432E53FA3}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"{1E9F521E-79BF-4AC4-B0F5-57400C111161}" = protocol=17 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\sambc.exe |
"{20253661-A35C-470E-AD00-053D72C61985}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{20C147E6-AB7E-47A6-B58F-5B4FD6703499}" = dir=out | name=the gunstringer |
"{21333BD3-EC7F-4712-9C34-92FEC30CCA6E}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{21A64919-A9C2-4D32-9F78-75467EC91FC5}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.313_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{21E329D9-882A-4AE3-80E7-707BB6D3822C}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{247FD486-C23B-4B07-AF19-F1BA7541B320}" = dir=out | name=s player |
"{28B8D1B3-75CA-4348-98D8-E401AFC27B70}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{29C7C1A4-A19A-41BA-B917-E8C2D4517AEE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{2FA971C3-9C6C-4A6D-8AE5-C9E613A01DEA}" = dir=in | name=juniper networks junos pulse |
"{2FFD0502-20B0-445A-96F2-41C96A7BA44D}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{30B14B58-5EB2-4104-9400-BF8D9995AEA8}" = dir=out | name=windows_ie_ac_001 |
"{3280F993-2129-4ED7-AEE8-9B33C0B03E68}" = dir=out | name=merriam-webster dictionary |
"{34A6D1D2-5A29-4056-9D5B-D41815F7264B}" = dir=out | name=@{microsoft.zunevideo_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{38DA8336-037A-4DE4-989A-933C39EB792B}" = dir=out | name=s camera |
"{3A6DBE69-C520-4D00-A615-A66C047C7DBA}" = dir=out | name=@{microsoft.skypeapp_1.6.0.115_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{3B096F6A-849B-4C3C-BFC8-CD4594781F6A}" = dir=out | name=skype |
"{3DF16A07-E193-4E9E-938D-EB9C0D78A6DF}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{3F2E6FCA-AAAA-4E5C-BE85-A19B3C33A790}" = dir=out | name=windows_ie_ac_001 |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{428766D9-37EF-46A3-9375-FB4BA60C3563}" = dir=out | name=check point vpn |
"{42DD6012-F6D1-49C1-A3BE-811C5D1D604B}" = dir=in | name=check point vpn |
"{47533098-D0A5-402D-BF32-557E8544AA33}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{482A8DD6-0DC6-4777-93BA-CA142E76BB4F}" = dir=out | name=s gallery |
"{492A0ADA-A96A-4C99-AC56-B8369368F132}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4F6C4983-84DA-432B-AEDD-E59C2D2AE835}" = dir=in | name=evernote touch |
"{510C248E-4461-4694-BCF3-89DE9928B55D}" = dir=out | name=@{43255ravenrevolt.czechsportnews_1.0.0.12_x64__jq9gdnk9pj0cm?ms-resource://43255ravenrevolt.czechsportnews/resources/aaapackagedisplayname} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{57ED9A80-63EF-483E-8BAC-708797E45CC5}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5F9A0BB3-BE9F-46D0-8804-4F9D8D589043}" = dir=in | name=sonicwall mobile connect |
"{663B14CA-F1F9-4290-AA1C-3F985E9B2707}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.315_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{67A1F064-9E27-43B1-AC33-20C4D0BD7477}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{68745C10-2B9C-4C8D-BD1C-82C2790B28E7}" = dir=out | name=family story |
"{6DAA9778-B4BE-48D1-9B13-324A25B7F105}" = dir=out | name=kindle |
"{6ED77EE3-A90A-4DA3-AD27-264685F22F53}" = dir=out | name=sonicwall mobile connect |
"{72931198-92F1-4BCD-AF62-37A1E042828E}" = dir=out | name=@{microsoft.zunevideo_2.6.256.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{72A502DA-DF6B-4D75-9C50-7CCB26A2DA56}" = dir=out | name=@{microsoft.bingweather_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{7601251F-0A5C-478D-84D2-C9692C2E05AA}" = dir=out | name=@{microsoft.bingtravel_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{77D1EBDE-3D2D-4CAC-95FA-9CAA8D0023AD}" = dir=out | name=photoeditor |
"{7B3ADC00-41C7-4E96-B1D4-E7A611994FE3}" = dir=out | name=@{microsoft.xboxlivegames_1.2.143.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{7D087A7E-8B88-4715-A3F7-9A1742F534F8}" = dir=in | name=@{microsoft.skypeapp_1.6.0.115_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{7D5FC363-FCBA-4493-8631-3D483AEEE1FA}" = dir=out | name=chaton |
"{7EDB0AA0-1913-4659-BBA0-92CD7B5FE951}" = dir=out | name=svátky |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8182050E-C319-406A-8D3E-37C99E18C4B7}" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe |
"{82510E0E-A8D6-497F-862D-403942A1DC39}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe |
"{8805765A-7AF3-4AB6-9862-E822C7F856EF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8D62A53A-7013-437D-899F-5C45AFAB187A}" = dir=out | name=shazam |
"{91EBA131-F100-459D-9F6B-F538B6B258C7}" = dir=out | name=windows_ie_ac_001 |
"{91F0DFAF-E11A-4EE4-96C0-23855E9CD896}" = dir=out | name=@{microsoft.zunemusic_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{930C1A5F-1CA8-428D-BBDD-8038F7DF06D3}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{9876A0B9-9E40-4595-8055-75F5F4914C7A}" = dir=in | name=skype |
"{9E234A01-A2FE-4C48-B087-4A1D95A8C754}" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\utorrent\utorrent.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A03702A2-7EEB-46D5-B3F3-AD04F115D720}" = protocol=6 | dir=out | app=c:\program files (x86)\samsung\easy file share\easyfileshare.exe |
"{A2E402CE-B555-49D2-A9DF-AC6058056529}" = dir=out | name=novinky.cz |
"{A580BB9D-6DEC-462C-B956-C80EA1EA2505}" = dir=out | name=shark dash |
"{A6F1D2DF-1433-448B-9E19-54A25BBF7F73}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{A7F592E2-BDD7-4207-B06F-B51C81E55A0A}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{AA783DED-6394-4600-9FFA-0A2B95FF878F}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe |
"{AB57F184-5021-458E-B0E5-2C3384AB24A1}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{AE39E83D-727B-4FD1-A07B-9D982C13FF82}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy file share\easyfileshare.exe |
"{AF391462-1F43-4359-A082-BFC1415B98DB}" = dir=in | name=f5 vpn |
"{B40C59BE-4669-48AB-8EF9-3DD04875FB3B}" = dir=out | name=jamie's recipes |
"{B46431F0-E123-4CB9-988D-C40DA1034DDE}" = dir=out | name=@{microsoft.bingsports_3.0.2.317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{BB309C9E-A22E-481E-8757-58792F6B5137}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{BD0F6877-0CAC-47D4-863D-832FF7115E09}" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\utorrent\utorrent.exe |
"{BD631693-B155-4F79-B210-74C902D133D4}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{C12B41C9-4C59-4E35-BB75-BF77781A16FA}" = dir=out | name=@{microsoft.zunemusic_2.2.931.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{C43395CA-ADE5-4C3F-B06E-065CF2FBCA45}" = dir=out | name=evernote touch |
"{C4366A95-D9A1-4729-8D5F-0C31D6FA1024}" = dir=out | name=@{43255ravenrevolt.czechtechnicalnews_1.0.0.18_x64__jq9gdnk9pj0cm?ms-resource://43255ravenrevolt.czechtechnicalnews/resources/aaapackagedisplayname} |
"{C9AD6085-8F77-4EF9-8D48-A4FA1592FFFA}" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe |
"{CA6E323D-6159-4693-80EA-33F8715226A4}" = dir=out | name=google search |
"{D135EE12-458C-4F83-9586-759FE862A3AB}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{D218C29A-3B1E-429B-B006-B33449B64DF4}" = dir=in | name=pinball fx2 |
"{D5C65B7A-94F6-4AE1-9AA7-203210028D4D}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DA0C1063-22A8-46EB-92E3-2B3A441476A8}" = dir=out | name=windows_ie_ac_001 |
"{DA235E6A-934C-4A73-A6A7-F79B4ECFBA13}" = dir=out | name=juniper networks junos pulse |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E2280838-687E-4060-94EE-B10F03824DC2}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{E2AE26E7-34BB-4A74-95F0-0359EEB4AD42}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EFC3CCA4-11A6-48C1-BE5E-D88029E80805}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F089B77A-B966-4B71-86B4-ED6F3841B176}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F0F5AA3E-ADA6-4BBA-987B-B90B9F74FBC5}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{F2521B46-85D1-4525-9AF2-9B4D46098CAE}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F381E7C6-0275-45E7-8F83-76D0CED53E94}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{F4225633-2140-4406-8A1B-CEEC645B28C6}" = dir=out | name=fresh paint |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F8AA60FD-4F5F-4A99-BD65-B9ABC6AA8E64}" = dir=out | name=pinball fx2 |
"{FB59FBA9-3A5D-4B3B-9066-9A447757EC73}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe |
"{FF3C085D-5A3B-4B8B-92A2-0380B127B868}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"TCP Query User{69E9A58A-38D0-409C-9696-2ED5E3E3F3FB}C:\program files (x86)\pinnacle\studio 12\programs\studio.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"TCP Query User{794B7642-36F2-41B8-BC13-FBF97E4E13CC}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{F71FBEC4-6621-43DE-A0D0-EDAAA5D82147}C:\program files (x86)\spacialaudio\sambc\sambc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\sambc.exe |
"UDP Query User{A6A46262-0599-49F9-8F7E-6A5930C3C8FD}C:\program files (x86)\pinnacle\studio 12\programs\studio.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"UDP Query User{C85437DF-CF22-499A-8415-D940AE58CE3B}C:\program files (x86)\spacialaudio\sambc\sambc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\sambc.exe |
"UDP Query User{E2F9C340-1D3E-479E-A4DC-7DE3FDCA61B2}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1CF215F9-3217-5ABC-1364-7CAAE63BCE60}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{58DDFC02-3E05-472E-ABF0-5A3DC500FFB1}" = MAGIX Music Maker 2014 Premium Update
"{5A52C7BA-14F5-4BDD-A74A-3333DCB121F0}" = S Agent
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Ovladače videa společnosti Pinnacle
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb" = Adobe Audition 3.0 Vista Compatibility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A7EA0E46-3354-C90D-3722-F0B03A62C23D}" = AMD Accelerated Video Transcoding
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AB0DEFBB-1A16-47B5-86D2-39F0A2B24AE4}" = Support Center
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ADCF3355-70DF-4470-1790-FD68B29574FB}" = ccc-utility64
"{AEC9D273-E162-4614-83F1-722B8C74B185}" = Help Desk
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}" = WinZip 17.5
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9EED4AE-682B-4501-9574-D09A21717599}_is1" = AMD Quick Stream
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}" = Quick Starter
"{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1" = Bitcasa version 0.9.20.4135
"6063EEC25198774C05DD567645ADF55482CBEDDA" = Balíček ovladače systému Windows - Microchip Technology, Inc. (usbser) Ports (08/28/2012 5.1.2600.3)
"9F04C462DAB591BDCCE784F77E4D4F1736010B92" = Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735)
"CCleaner" = CCleaner
"Elantech" = ETDWare X64 11.7.18.2_WHQL
"ProPlusRetail - cs-cz" = Microsoft Office Professional Plus 2013 - cs-cz
"TAP-Windows" = TAP-Windows 9.9.2
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}" = Movie Maker
"{0C69648B-D148-DF0E-EE4B-868D7EF5A106}" = CCC Help English
"{0CD05078-D4F3-4006-8726-B01E10A89B28}" = Movie Maker
"{10AE4FDC-32F9-4E56-8EE1-10629DD11C4E}" = Avira
"{12005844-DC20-A649-1589-45F5257123FB}" = CCC Help German
"{134C1595-3043-519D-721E-92BABE7FBE65}" = CCC Help Italian
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Recovery
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{15BFD731-A10E-43E9-9D18-0F682BC0480F}" = Photo Common
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1971235B-AE41-4B68-BCFF-8057DF6952BF}" = Photo Common
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.8.4
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55
"{272883AD-2143-56ED-F4BC-200CA8870FC3}" = CCC Help French
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{2DB5E4B0-B260-179D-8840-F2A86BFC45B6}" = CCC Help Hungarian
"{2F3E0052-438D-4D42-873C-94223F25FF7A}" = Windows Live UX Platform Language Pack
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{343C0612-37DC-4914-95A7-0845EE0C8F04}" = Galerija fotografija
"{3D2CF65C-B544-4308-B996-700D3E5F6C4C}" = Movie Maker
"{41C1C98B-8DC4-C893-8270-4FFAD36D4668}" = CCC Help Dutch
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{43DA105B-2D4B-7FDC-B0C0-3703E27ECD78}" = CCC Help Turkish
"{45903D5B-C960-72DF-94FA-EFB77DBEE440}" = CCC Help Korean
"{47AC83D4-C2CE-4F1F-8494-FB08066B38E3}" = Windows Live Essentials
"{48892E98-6FE0-9D4F-5EB0-0C2519BFA177}" = CCC Help Russian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{57430A7B-EB42-41ED-88F8-ACB2DEDB8416}" = Movie Maker
"{5850E04C-BCD5-C9BA-3F16-E3F9FC6AA939}" = Catalyst Control Center Localization All
"{5B87607E-E781-49C5-9891-80990E45BCA1}" = Fotogaléria
"{5D4E117D-FC6A-4FB8-81E3-BEFFAE2F7BE6}" = User Guide
"{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}" = Fotogalerija
"{61F0224D-A87E-BEDF-BC48-B5761FCD65DD}" = OEM Application Profile
"{65563DAF-7F7F-4B8A-B544-166058E7CC08}" = Support Center FAQ
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E2D81AB-774B-4AC8-B837-942269C828B7}" = Windows Live Essentials
"{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}" = Fotótár
"{7004BFFF-8BF0-9C0A-4530-3782601B8BEB}" = CCC Help Japanese
"{71D932E4-B1BB-A0FF-96A3-578B034F9DDA}" = CCC Help Thai
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{804B4DEF-60AB-82CB-D84B-D28599EBCB3D}" = CCC Help Swedish
"{82EC241F-DFCA-4166-A8C3-EA5D2B9A41C4}" = Samsung Link
"{835BFEDD-FDBC-4662-9873-A6C47B8D120A}" = Windows Live UX Platform Language Pack
"{83B73B3C-AE57-831C-0E0B-BE289EF833B5}" = CCC Help Chinese Traditional
"{8460D8F0-6ACE-6C9E-F2EF-ACE767C65DFB}" = CCC Help Portuguese
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8877D756-DD62-D39B-5DE2-22D55D598EAB}" = CCC Help Polish
"{8B5D382A-46C8-442E-AFD5-0C419CB34C51}" = Windows Live UX Platform Language Pack
"{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}" = Settings
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-00BD-0405-0000-0000000FF1CE}" = Jazyk popisů ovládacích prvků systému Microsoft Office 2010 – čeština
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0405-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{914CF575-57ED-48C4-891F-D0830BFB797E}" = Windows Live Essentials
"{9173CE15-A754-D2B8-26D4-334581717F07}" = CCC Help Spanish
"{91786428-D4AA-476D-8AF9-A63FFAC2901F}" = Allshare Play Link
"{91BCA11A-D01D-4E6F-9444-58970078CD9B}" = Windows Live Essentials
"{9586BCBD-AF7E-DA99-F1BB-087BF8AD6E1A}" = CCC Help Norwegian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}" = Windows Live Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F339B62-FEBA-6D76-8E60-AE208C37B4DF}" = CCC Help Greek
"{9F981901-3080-416F-B90E-8E30FA6D14B5}" = Photo Common
"{A0332229-4EF7-4A36-AED8-E5876EB2DF86}" = Windows Live UX Platform Language Pack
"{A27180D0-17BB-498B-89FF-A72656B85978}" = Movie Maker
"{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}" = Easy File Share
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB2DFC8E-C3C5-F476-813A-3D1A532AADD1}" = CCC Help Czech
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.11) MUI
"{B1D0122C-6BE2-47A2-82AE-0BB3F6C91C49}" = Photo Common
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B6A96E8C-FC88-46F5-800E-6845B4ACA459}" = Photo Gallery
"{B96B8FC7-EF06-4C18-AB54-38BB5D84CE7E}" = Photo Common
"{C387D762-D2D6-27E2-860C-FE095F758828}" = CCC Help Danish
"{C76525AD-97CF-4E4A-BF25-650AA5F977A8}" = Catalyst Control Center - Branding
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{CE1836A8-3F2B-49BD-8395-93DD414068D2}" = AllSharePlayLink
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D1860E6E-520E-4380-8433-E58E8F88B473}" = Pinnacle Studio 12 Ultimate Plugins
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D18F29F4-3609-4FBD-8A76-57B6AC3404F3}" = Photo Common
"{D2B5F1E3-EA56-4D84-A453-A213B32974CB}" = SW Update
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}" = Windows Live UX Platform Language Pack
"{e67154a7-9cc5-4167-b782-f3982bc6c70d}" = Avira
"{E6C82605-EEA2-D808-371B-CC964E3CCD68}" = CCC Help Chinese Standard
"{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}" = Movie Maker
"{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}" = E-POP
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F14F7FC5-6534-7565-A0BF-0131C5EC1F6F}" = AMD Catalyst Control Center
"{F37D360D-9308-4BB1-8515-DC6B637B9486}" = Fotogalerie
"{F4E1D4D6-8931-E3D9-5357-982F1AF94AF0}" = CCC Help Finnish
"{F8F630A7-6789-44D5-8653-3B27969CF337}" = Windows Live Essentials
"{FC0BC4D9-22D7-4BDD-89D7-A8621CEF072F}" = Windows Live UX Platform Language Pack
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF276E55-7261-B929-682C-B590449E3B9E}" = Catalyst Control Center InstallProxy
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"ASIO4ALL" = ASIO4ALL
"Audio Tuner" = Audio Tuner (remove only)
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Brain Workshop_is1" = Brain Workshop 4.8.4
"BSW" = BrettspielWelt
"bwincomPoker" = bwin Poker
"DAEMON Tools Lite" = DAEMON Tools Lite
"FBDBServer_2_5_is1" = Firebird 2.5.0.26074 (Win32)
"FL Studio 11" = FL Studio 11
"FlowStone" = FlowStone FL 3.0
"Google Chrome" = Google Chrome
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"IrfanView" = IrfanView (remove only)
"Jak věci pracují 2.0" = Jak věci pracují 2.0
"MiniLyrics" = MiniLyrics
"Open Broadcaster Software" = Open Broadcaster Software
"OpenVPN" = OpenVPN 2.3.2-I003
"Opera 12.17.1863" = Opera 12.17
"Plants vs. Zombies" = Plants vs. Zombies
"SAM3" = SAM Broadcaster (remove only)
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"TeamViewer 9" = TeamViewer 9
"The KMPlayer" = The KMPlayer (remove only)
"Total Video Converter 3.71_is1" = Total Video Converter 3.71 100812
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1499688777-3318823800-151401397-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"PhotoFiltre Studio X" = PhotoFiltre Studio X
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5. 9. 2014 1:54:16 | Computer Name = Tom | Source = Application Hang | ID = 1002
Description = Program backgroundTaskHost.exe verze 6.3.9600.16384 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: b48 Čas spuštění: 01cfc8ccc3b90ca6 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\WINDOWS\system32\backgroundTaskHost.exe ID hlášení: 109eca33-34c1-11e4-bf25-50b7c33aa934
Úplný
název chybujícího balíčku: 43255RavenRevolt.Czechsportnews_1.0.0.12_x64__jq9gdnk9pj0cm
ID
aplikace související s chybujícím balíčkem: App
Error - 5. 9. 2014 3:02:31 | Computer Name = Tom | Source = Application Hang | ID = 1002
Description = Program backgroundTaskHost.exe verze 6.3.9600.16384 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: ab0 Čas spuštění: 01cfc8d64c78e252 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\WINDOWS\system32\backgroundTaskHost.exe ID hlášení: 99967756-34ca-11e4-bf25-50b7c33aa934
Úplný
název chybujícího balíčku: 43255RavenRevolt.Czechsportnews_1.0.0.12_x64__jq9gdnk9pj0cm
ID
aplikace související s chybujícím balíčkem: App
Error - 5. 9. 2014 4:02:35 | Computer Name = Tom | Source = Application Hang | ID = 1002
Description = Program backgroundTaskHost.exe verze 6.3.9600.16384 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: cd8 Čas spuštění: 01cfc8deae2edc32 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\WINDOWS\system32\backgroundTaskHost.exe ID hlášení: fc145791-34d2-11e4-bf25-50b7c33aa934
Úplný
název chybujícího balíčku: 43255RavenRevolt.Czechsportnews_1.0.0.12_x64__jq9gdnk9pj0cm
ID
aplikace související s chybujícím balíčkem: App
Error - 5. 9. 2014 4:05:50 | Computer Name = Tom | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Název chybujícího modulu: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Kód výjimky: 0xc0000005 Posun chyby: 0x002a4d82 ID chybujícího
procesu: 0x18c0 Čas spuštění chybující aplikace: 0x01cfc8d6c884dba0 Cesta k chybující
aplikaci: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe ID zprávy:
728b8f75-34d3-11e4-bf25-50b7c33aa934 Úplný název chybujícího balíčku: ID aplikace
související s chybujícím balíčkem:
Error - 5. 9. 2014 4:15:07 | Computer Name = Tom | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Název chybujícího modulu: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Kód výjimky: 0xc0000005 Posun chyby: 0x002a4d82 ID chybujícího
procesu: 0x15e0 Čas spuštění chybující aplikace: 0x01cfc8e11b64608e Cesta k chybující
aplikaci: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe ID zprávy:
beb0c357-34d4-11e4-bf25-50b7c33aa934 Úplný název chybujícího balíčku: ID aplikace
související s chybujícím balíčkem:
Error - 5. 9. 2014 4:55:00 | Computer Name = Tom | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Název chybujícího modulu: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Kód výjimky: 0xc0000005 Posun chyby: 0x002a4d82 ID chybujícího
procesu: 0x11e8 Čas spuštění chybující aplikace: 0x01cfc8e242295aa9 Cesta k chybující
aplikaci: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe ID zprávy:
51478088-34da-11e4-bf25-50b7c33aa934 Úplný název chybujícího balíčku: ID aplikace
související s chybujícím balíčkem:
Error - 5. 9. 2014 4:55:14 | Computer Name = Tom | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Název chybujícího modulu: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Kód výjimky: 0xc000041d Posun chyby: 0x002a4d82 ID chybujícího
procesu: 0x11e8 Čas spuštění chybující aplikace: 0x01cfc8e242295aa9 Cesta k chybující
aplikaci: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe ID zprávy:
593381d7-34da-11e4-bf25-50b7c33aa934 Úplný název chybujícího balíčku: ID aplikace
související s chybujícím balíčkem:
Error - 5. 9. 2014 5:02:31 | Computer Name = Tom | Source = Application Hang | ID = 1002
Description = Program backgroundTaskHost.exe verze 6.3.9600.16384 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 3f0 Čas spuštění: 01cfc8e70ffc5608 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\WINDOWS\system32\backgroundTaskHost.exe ID hlášení: 5cfdfe11-34db-11e4-bf25-50b7c33aa934
Úplný
název chybujícího balíčku: 43255RavenRevolt.Czechsportnews_1.0.0.12_x64__jq9gdnk9pj0cm
ID
aplikace související s chybujícím balíčkem: App
Error - 5. 9. 2014 17:44:22 | Computer Name = Tom | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 5. 9. 2014 18:03:48 | Computer Name = Tom | Source = Application Hang | ID = 1002
Description = Program backgroundTaskHost.exe verze 6.3.9600.16384 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 1ed8 Čas spuštění: 01cfc95435169db8 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\WINDOWS\system32\backgroundTaskHost.exe ID hlášení: 820cfb43-3548-11e4-bf25-50b7c33aa934
Úplný
název chybujícího balíčku: 43255RavenRevolt.Czechsportnews_1.0.0.12_x64__jq9gdnk9pj0cm
ID
aplikace související s chybujícím balíčkem: App
[ System Events ]
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tomas\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy
3,48 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,51% Memory free
4,48 Gb Paging File | 2,18 Gb Available in Paging File | 48,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442,19 Gb Total Space | 251,50 Gb Free Space | 56,88% Space Free | Partition Type: NTFS
Computer Name: TOM | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D636435-83CD-41CD-8352-F22E14048CA8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{1342D761-A180-4BF2-B2BF-AAE250E99A97}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1467B12F-1D0E-44ED-9980-917E652D6FEF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D9EE142-F556-4881-8AC1-D7DFF62E89D2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{240DE441-DABA-41EB-B166-842AF86F4FE5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{255FE090-5948-469A-B9B0-F7879C37845E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{30918FCF-9785-495A-A1A4-02BA33ED90FB}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{427395E3-017E-40D8-8F19-DE14F826C9C2}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{77136BA4-9402-49C9-B319-FE8900AA0437}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{C21F439F-A006-41F0-9032-342859E568E5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C7F7354F-3E02-42E7-B95F-169DCDE4E961}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{DE8BB182-8EE0-4D49-9F4A-0C19F30D6E55}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E347D704-DCA5-456D-BBA2-79A002487779}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FA173CAE-8691-4161-8C39-A4023C3285FD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02CFB154-A34B-4626-BD3B-5464ABCB20E4}" = dir=out | name=@{microsoft.bingnews_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{0336B611-05F9-4D9A-A337-7EE9794E7F5F}" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\utorrent\utorrent.exe |
"{05612F3A-EE1D-47C3-A19E-F96315E20A94}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{07AF2AC3-58B6-4557-B0EE-A506C789726A}" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\utorrent\utorrent.exe |
"{081FCC25-AC61-4F23-B97C-7CD67382C3E1}" = protocol=6 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\sambc.exe |
"{08E9F997-7160-4F80-9643-0F118CD22857}" = dir=out | name=norton studio |
"{0A84E252-11D7-4EEC-B7ED-31AE73D7187A}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe |
"{0C338F72-3207-4519-B666-88FDBEF9B7C6}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{11F056DF-3B78-4580-9459-32F230A466FC}" = dir=in | name=the gunstringer |
"{13A375CB-72D1-4C0A-98F1-37328B88FCE2}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{18F5DF26-1994-4B1A-A393-3C4266E804C0}" = dir=out | name=adera |
"{1A372CE4-21F0-47D7-9DE6-39377A11D22A}" = dir=out | name=f5 vpn |
"{1DFA7388-DCA2-4DE0-ACF9-315432E53FA3}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"{1E9F521E-79BF-4AC4-B0F5-57400C111161}" = protocol=17 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\sambc.exe |
"{20253661-A35C-470E-AD00-053D72C61985}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{20C147E6-AB7E-47A6-B58F-5B4FD6703499}" = dir=out | name=the gunstringer |
"{21333BD3-EC7F-4712-9C34-92FEC30CCA6E}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{21A64919-A9C2-4D32-9F78-75467EC91FC5}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.313_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{21E329D9-882A-4AE3-80E7-707BB6D3822C}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{247FD486-C23B-4B07-AF19-F1BA7541B320}" = dir=out | name=s player |
"{28B8D1B3-75CA-4348-98D8-E401AFC27B70}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{29C7C1A4-A19A-41BA-B917-E8C2D4517AEE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{2FA971C3-9C6C-4A6D-8AE5-C9E613A01DEA}" = dir=in | name=juniper networks junos pulse |
"{2FFD0502-20B0-445A-96F2-41C96A7BA44D}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{30B14B58-5EB2-4104-9400-BF8D9995AEA8}" = dir=out | name=windows_ie_ac_001 |
"{3280F993-2129-4ED7-AEE8-9B33C0B03E68}" = dir=out | name=merriam-webster dictionary |
"{34A6D1D2-5A29-4056-9D5B-D41815F7264B}" = dir=out | name=@{microsoft.zunevideo_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{38DA8336-037A-4DE4-989A-933C39EB792B}" = dir=out | name=s camera |
"{3A6DBE69-C520-4D00-A615-A66C047C7DBA}" = dir=out | name=@{microsoft.skypeapp_1.6.0.115_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{3B096F6A-849B-4C3C-BFC8-CD4594781F6A}" = dir=out | name=skype |
"{3DF16A07-E193-4E9E-938D-EB9C0D78A6DF}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{3F2E6FCA-AAAA-4E5C-BE85-A19B3C33A790}" = dir=out | name=windows_ie_ac_001 |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{428766D9-37EF-46A3-9375-FB4BA60C3563}" = dir=out | name=check point vpn |
"{42DD6012-F6D1-49C1-A3BE-811C5D1D604B}" = dir=in | name=check point vpn |
"{47533098-D0A5-402D-BF32-557E8544AA33}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{482A8DD6-0DC6-4777-93BA-CA142E76BB4F}" = dir=out | name=s gallery |
"{492A0ADA-A96A-4C99-AC56-B8369368F132}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4F6C4983-84DA-432B-AEDD-E59C2D2AE835}" = dir=in | name=evernote touch |
"{510C248E-4461-4694-BCF3-89DE9928B55D}" = dir=out | name=@{43255ravenrevolt.czechsportnews_1.0.0.12_x64__jq9gdnk9pj0cm?ms-resource://43255ravenrevolt.czechsportnews/resources/aaapackagedisplayname} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{57ED9A80-63EF-483E-8BAC-708797E45CC5}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5F9A0BB3-BE9F-46D0-8804-4F9D8D589043}" = dir=in | name=sonicwall mobile connect |
"{663B14CA-F1F9-4290-AA1C-3F985E9B2707}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.315_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{67A1F064-9E27-43B1-AC33-20C4D0BD7477}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{68745C10-2B9C-4C8D-BD1C-82C2790B28E7}" = dir=out | name=family story |
"{6DAA9778-B4BE-48D1-9B13-324A25B7F105}" = dir=out | name=kindle |
"{6ED77EE3-A90A-4DA3-AD27-264685F22F53}" = dir=out | name=sonicwall mobile connect |
"{72931198-92F1-4BCD-AF62-37A1E042828E}" = dir=out | name=@{microsoft.zunevideo_2.6.256.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{72A502DA-DF6B-4D75-9C50-7CCB26A2DA56}" = dir=out | name=@{microsoft.bingweather_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{7601251F-0A5C-478D-84D2-C9692C2E05AA}" = dir=out | name=@{microsoft.bingtravel_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{77D1EBDE-3D2D-4CAC-95FA-9CAA8D0023AD}" = dir=out | name=photoeditor |
"{7B3ADC00-41C7-4E96-B1D4-E7A611994FE3}" = dir=out | name=@{microsoft.xboxlivegames_1.2.143.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{7D087A7E-8B88-4715-A3F7-9A1742F534F8}" = dir=in | name=@{microsoft.skypeapp_1.6.0.115_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{7D5FC363-FCBA-4493-8631-3D483AEEE1FA}" = dir=out | name=chaton |
"{7EDB0AA0-1913-4659-BBA0-92CD7B5FE951}" = dir=out | name=svátky |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8182050E-C319-406A-8D3E-37C99E18C4B7}" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe |
"{82510E0E-A8D6-497F-862D-403942A1DC39}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe |
"{8805765A-7AF3-4AB6-9862-E822C7F856EF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8D62A53A-7013-437D-899F-5C45AFAB187A}" = dir=out | name=shazam |
"{91EBA131-F100-459D-9F6B-F538B6B258C7}" = dir=out | name=windows_ie_ac_001 |
"{91F0DFAF-E11A-4EE4-96C0-23855E9CD896}" = dir=out | name=@{microsoft.zunemusic_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{930C1A5F-1CA8-428D-BBDD-8038F7DF06D3}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{9876A0B9-9E40-4595-8055-75F5F4914C7A}" = dir=in | name=skype |
"{9E234A01-A2FE-4C48-B087-4A1D95A8C754}" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\utorrent\utorrent.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A03702A2-7EEB-46D5-B3F3-AD04F115D720}" = protocol=6 | dir=out | app=c:\program files (x86)\samsung\easy file share\easyfileshare.exe |
"{A2E402CE-B555-49D2-A9DF-AC6058056529}" = dir=out | name=novinky.cz |
"{A580BB9D-6DEC-462C-B956-C80EA1EA2505}" = dir=out | name=shark dash |
"{A6F1D2DF-1433-448B-9E19-54A25BBF7F73}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{A7F592E2-BDD7-4207-B06F-B51C81E55A0A}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{AA783DED-6394-4600-9FFA-0A2B95FF878F}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe |
"{AB57F184-5021-458E-B0E5-2C3384AB24A1}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{AE39E83D-727B-4FD1-A07B-9D982C13FF82}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy file share\easyfileshare.exe |
"{AF391462-1F43-4359-A082-BFC1415B98DB}" = dir=in | name=f5 vpn |
"{B40C59BE-4669-48AB-8EF9-3DD04875FB3B}" = dir=out | name=jamie's recipes |
"{B46431F0-E123-4CB9-988D-C40DA1034DDE}" = dir=out | name=@{microsoft.bingsports_3.0.2.317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{BB309C9E-A22E-481E-8757-58792F6B5137}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{BD0F6877-0CAC-47D4-863D-832FF7115E09}" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\utorrent\utorrent.exe |
"{BD631693-B155-4F79-B210-74C902D133D4}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{C12B41C9-4C59-4E35-BB75-BF77781A16FA}" = dir=out | name=@{microsoft.zunemusic_2.2.931.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{C43395CA-ADE5-4C3F-B06E-065CF2FBCA45}" = dir=out | name=evernote touch |
"{C4366A95-D9A1-4729-8D5F-0C31D6FA1024}" = dir=out | name=@{43255ravenrevolt.czechtechnicalnews_1.0.0.18_x64__jq9gdnk9pj0cm?ms-resource://43255ravenrevolt.czechtechnicalnews/resources/aaapackagedisplayname} |
"{C9AD6085-8F77-4EF9-8D48-A4FA1592FFFA}" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe |
"{CA6E323D-6159-4693-80EA-33F8715226A4}" = dir=out | name=google search |
"{D135EE12-458C-4F83-9586-759FE862A3AB}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{D218C29A-3B1E-429B-B006-B33449B64DF4}" = dir=in | name=pinball fx2 |
"{D5C65B7A-94F6-4AE1-9AA7-203210028D4D}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DA0C1063-22A8-46EB-92E3-2B3A441476A8}" = dir=out | name=windows_ie_ac_001 |
"{DA235E6A-934C-4A73-A6A7-F79B4ECFBA13}" = dir=out | name=juniper networks junos pulse |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E2280838-687E-4060-94EE-B10F03824DC2}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{E2AE26E7-34BB-4A74-95F0-0359EEB4AD42}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EFC3CCA4-11A6-48C1-BE5E-D88029E80805}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F089B77A-B966-4B71-86B4-ED6F3841B176}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F0F5AA3E-ADA6-4BBA-987B-B90B9F74FBC5}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{F2521B46-85D1-4525-9AF2-9B4D46098CAE}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F381E7C6-0275-45E7-8F83-76D0CED53E94}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{F4225633-2140-4406-8A1B-CEEC645B28C6}" = dir=out | name=fresh paint |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F8AA60FD-4F5F-4A99-BD65-B9ABC6AA8E64}" = dir=out | name=pinball fx2 |
"{FB59FBA9-3A5D-4B3B-9066-9A447757EC73}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe |
"{FF3C085D-5A3B-4B8B-92A2-0380B127B868}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"TCP Query User{69E9A58A-38D0-409C-9696-2ED5E3E3F3FB}C:\program files (x86)\pinnacle\studio 12\programs\studio.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"TCP Query User{794B7642-36F2-41B8-BC13-FBF97E4E13CC}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{F71FBEC4-6621-43DE-A0D0-EDAAA5D82147}C:\program files (x86)\spacialaudio\sambc\sambc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\sambc.exe |
"UDP Query User{A6A46262-0599-49F9-8F7E-6A5930C3C8FD}C:\program files (x86)\pinnacle\studio 12\programs\studio.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"UDP Query User{C85437DF-CF22-499A-8415-D940AE58CE3B}C:\program files (x86)\spacialaudio\sambc\sambc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spacialaudio\sambc\sambc.exe |
"UDP Query User{E2F9C340-1D3E-479E-A4DC-7DE3FDCA61B2}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1CF215F9-3217-5ABC-1364-7CAAE63BCE60}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{58DDFC02-3E05-472E-ABF0-5A3DC500FFB1}" = MAGIX Music Maker 2014 Premium Update
"{5A52C7BA-14F5-4BDD-A74A-3333DCB121F0}" = S Agent
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Ovladače videa společnosti Pinnacle
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb" = Adobe Audition 3.0 Vista Compatibility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A7EA0E46-3354-C90D-3722-F0B03A62C23D}" = AMD Accelerated Video Transcoding
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AB0DEFBB-1A16-47B5-86D2-39F0A2B24AE4}" = Support Center
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ADCF3355-70DF-4470-1790-FD68B29574FB}" = ccc-utility64
"{AEC9D273-E162-4614-83F1-722B8C74B185}" = Help Desk
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}" = WinZip 17.5
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9EED4AE-682B-4501-9574-D09A21717599}_is1" = AMD Quick Stream
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}" = Quick Starter
"{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1" = Bitcasa version 0.9.20.4135
"6063EEC25198774C05DD567645ADF55482CBEDDA" = Balíček ovladače systému Windows - Microchip Technology, Inc. (usbser) Ports (08/28/2012 5.1.2600.3)
"9F04C462DAB591BDCCE784F77E4D4F1736010B92" = Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735)
"CCleaner" = CCleaner
"Elantech" = ETDWare X64 11.7.18.2_WHQL
"ProPlusRetail - cs-cz" = Microsoft Office Professional Plus 2013 - cs-cz
"TAP-Windows" = TAP-Windows 9.9.2
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}" = Movie Maker
"{0C69648B-D148-DF0E-EE4B-868D7EF5A106}" = CCC Help English
"{0CD05078-D4F3-4006-8726-B01E10A89B28}" = Movie Maker
"{10AE4FDC-32F9-4E56-8EE1-10629DD11C4E}" = Avira
"{12005844-DC20-A649-1589-45F5257123FB}" = CCC Help German
"{134C1595-3043-519D-721E-92BABE7FBE65}" = CCC Help Italian
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Recovery
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{15BFD731-A10E-43E9-9D18-0F682BC0480F}" = Photo Common
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1971235B-AE41-4B68-BCFF-8057DF6952BF}" = Photo Common
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.8.4
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55
"{272883AD-2143-56ED-F4BC-200CA8870FC3}" = CCC Help French
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{2DB5E4B0-B260-179D-8840-F2A86BFC45B6}" = CCC Help Hungarian
"{2F3E0052-438D-4D42-873C-94223F25FF7A}" = Windows Live UX Platform Language Pack
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{343C0612-37DC-4914-95A7-0845EE0C8F04}" = Galerija fotografija
"{3D2CF65C-B544-4308-B996-700D3E5F6C4C}" = Movie Maker
"{41C1C98B-8DC4-C893-8270-4FFAD36D4668}" = CCC Help Dutch
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{43DA105B-2D4B-7FDC-B0C0-3703E27ECD78}" = CCC Help Turkish
"{45903D5B-C960-72DF-94FA-EFB77DBEE440}" = CCC Help Korean
"{47AC83D4-C2CE-4F1F-8494-FB08066B38E3}" = Windows Live Essentials
"{48892E98-6FE0-9D4F-5EB0-0C2519BFA177}" = CCC Help Russian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{57430A7B-EB42-41ED-88F8-ACB2DEDB8416}" = Movie Maker
"{5850E04C-BCD5-C9BA-3F16-E3F9FC6AA939}" = Catalyst Control Center Localization All
"{5B87607E-E781-49C5-9891-80990E45BCA1}" = Fotogaléria
"{5D4E117D-FC6A-4FB8-81E3-BEFFAE2F7BE6}" = User Guide
"{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}" = Fotogalerija
"{61F0224D-A87E-BEDF-BC48-B5761FCD65DD}" = OEM Application Profile
"{65563DAF-7F7F-4B8A-B544-166058E7CC08}" = Support Center FAQ
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E2D81AB-774B-4AC8-B837-942269C828B7}" = Windows Live Essentials
"{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}" = Fotótár
"{7004BFFF-8BF0-9C0A-4530-3782601B8BEB}" = CCC Help Japanese
"{71D932E4-B1BB-A0FF-96A3-578B034F9DDA}" = CCC Help Thai
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{804B4DEF-60AB-82CB-D84B-D28599EBCB3D}" = CCC Help Swedish
"{82EC241F-DFCA-4166-A8C3-EA5D2B9A41C4}" = Samsung Link
"{835BFEDD-FDBC-4662-9873-A6C47B8D120A}" = Windows Live UX Platform Language Pack
"{83B73B3C-AE57-831C-0E0B-BE289EF833B5}" = CCC Help Chinese Traditional
"{8460D8F0-6ACE-6C9E-F2EF-ACE767C65DFB}" = CCC Help Portuguese
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8877D756-DD62-D39B-5DE2-22D55D598EAB}" = CCC Help Polish
"{8B5D382A-46C8-442E-AFD5-0C419CB34C51}" = Windows Live UX Platform Language Pack
"{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}" = Settings
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-00BD-0405-0000-0000000FF1CE}" = Jazyk popisů ovládacích prvků systému Microsoft Office 2010 – čeština
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0405-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{914CF575-57ED-48C4-891F-D0830BFB797E}" = Windows Live Essentials
"{9173CE15-A754-D2B8-26D4-334581717F07}" = CCC Help Spanish
"{91786428-D4AA-476D-8AF9-A63FFAC2901F}" = Allshare Play Link
"{91BCA11A-D01D-4E6F-9444-58970078CD9B}" = Windows Live Essentials
"{9586BCBD-AF7E-DA99-F1BB-087BF8AD6E1A}" = CCC Help Norwegian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}" = Windows Live Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F339B62-FEBA-6D76-8E60-AE208C37B4DF}" = CCC Help Greek
"{9F981901-3080-416F-B90E-8E30FA6D14B5}" = Photo Common
"{A0332229-4EF7-4A36-AED8-E5876EB2DF86}" = Windows Live UX Platform Language Pack
"{A27180D0-17BB-498B-89FF-A72656B85978}" = Movie Maker
"{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}" = Easy File Share
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB2DFC8E-C3C5-F476-813A-3D1A532AADD1}" = CCC Help Czech
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.11) MUI
"{B1D0122C-6BE2-47A2-82AE-0BB3F6C91C49}" = Photo Common
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B6A96E8C-FC88-46F5-800E-6845B4ACA459}" = Photo Gallery
"{B96B8FC7-EF06-4C18-AB54-38BB5D84CE7E}" = Photo Common
"{C387D762-D2D6-27E2-860C-FE095F758828}" = CCC Help Danish
"{C76525AD-97CF-4E4A-BF25-650AA5F977A8}" = Catalyst Control Center - Branding
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{CE1836A8-3F2B-49BD-8395-93DD414068D2}" = AllSharePlayLink
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D1860E6E-520E-4380-8433-E58E8F88B473}" = Pinnacle Studio 12 Ultimate Plugins
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D18F29F4-3609-4FBD-8A76-57B6AC3404F3}" = Photo Common
"{D2B5F1E3-EA56-4D84-A453-A213B32974CB}" = SW Update
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}" = Windows Live UX Platform Language Pack
"{e67154a7-9cc5-4167-b782-f3982bc6c70d}" = Avira
"{E6C82605-EEA2-D808-371B-CC964E3CCD68}" = CCC Help Chinese Standard
"{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}" = Movie Maker
"{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}" = E-POP
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F14F7FC5-6534-7565-A0BF-0131C5EC1F6F}" = AMD Catalyst Control Center
"{F37D360D-9308-4BB1-8515-DC6B637B9486}" = Fotogalerie
"{F4E1D4D6-8931-E3D9-5357-982F1AF94AF0}" = CCC Help Finnish
"{F8F630A7-6789-44D5-8653-3B27969CF337}" = Windows Live Essentials
"{FC0BC4D9-22D7-4BDD-89D7-A8621CEF072F}" = Windows Live UX Platform Language Pack
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF276E55-7261-B929-682C-B590449E3B9E}" = Catalyst Control Center InstallProxy
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"ASIO4ALL" = ASIO4ALL
"Audio Tuner" = Audio Tuner (remove only)
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Brain Workshop_is1" = Brain Workshop 4.8.4
"BSW" = BrettspielWelt
"bwincomPoker" = bwin Poker
"DAEMON Tools Lite" = DAEMON Tools Lite
"FBDBServer_2_5_is1" = Firebird 2.5.0.26074 (Win32)
"FL Studio 11" = FL Studio 11
"FlowStone" = FlowStone FL 3.0
"Google Chrome" = Google Chrome
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"IrfanView" = IrfanView (remove only)
"Jak věci pracují 2.0" = Jak věci pracují 2.0
"MiniLyrics" = MiniLyrics
"Open Broadcaster Software" = Open Broadcaster Software
"OpenVPN" = OpenVPN 2.3.2-I003
"Opera 12.17.1863" = Opera 12.17
"Plants vs. Zombies" = Plants vs. Zombies
"SAM3" = SAM Broadcaster (remove only)
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"TeamViewer 9" = TeamViewer 9
"The KMPlayer" = The KMPlayer (remove only)
"Total Video Converter 3.71_is1" = Total Video Converter 3.71 100812
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1499688777-3318823800-151401397-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"PhotoFiltre Studio X" = PhotoFiltre Studio X
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5. 9. 2014 1:54:16 | Computer Name = Tom | Source = Application Hang | ID = 1002
Description = Program backgroundTaskHost.exe verze 6.3.9600.16384 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: b48 Čas spuštění: 01cfc8ccc3b90ca6 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\WINDOWS\system32\backgroundTaskHost.exe ID hlášení: 109eca33-34c1-11e4-bf25-50b7c33aa934
Úplný
název chybujícího balíčku: 43255RavenRevolt.Czechsportnews_1.0.0.12_x64__jq9gdnk9pj0cm
ID
aplikace související s chybujícím balíčkem: App
Error - 5. 9. 2014 3:02:31 | Computer Name = Tom | Source = Application Hang | ID = 1002
Description = Program backgroundTaskHost.exe verze 6.3.9600.16384 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: ab0 Čas spuštění: 01cfc8d64c78e252 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\WINDOWS\system32\backgroundTaskHost.exe ID hlášení: 99967756-34ca-11e4-bf25-50b7c33aa934
Úplný
název chybujícího balíčku: 43255RavenRevolt.Czechsportnews_1.0.0.12_x64__jq9gdnk9pj0cm
ID
aplikace související s chybujícím balíčkem: App
Error - 5. 9. 2014 4:02:35 | Computer Name = Tom | Source = Application Hang | ID = 1002
Description = Program backgroundTaskHost.exe verze 6.3.9600.16384 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: cd8 Čas spuštění: 01cfc8deae2edc32 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\WINDOWS\system32\backgroundTaskHost.exe ID hlášení: fc145791-34d2-11e4-bf25-50b7c33aa934
Úplný
název chybujícího balíčku: 43255RavenRevolt.Czechsportnews_1.0.0.12_x64__jq9gdnk9pj0cm
ID
aplikace související s chybujícím balíčkem: App
Error - 5. 9. 2014 4:05:50 | Computer Name = Tom | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Název chybujícího modulu: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Kód výjimky: 0xc0000005 Posun chyby: 0x002a4d82 ID chybujícího
procesu: 0x18c0 Čas spuštění chybující aplikace: 0x01cfc8d6c884dba0 Cesta k chybující
aplikaci: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe ID zprávy:
728b8f75-34d3-11e4-bf25-50b7c33aa934 Úplný název chybujícího balíčku: ID aplikace
související s chybujícím balíčkem:
Error - 5. 9. 2014 4:15:07 | Computer Name = Tom | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Název chybujícího modulu: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Kód výjimky: 0xc0000005 Posun chyby: 0x002a4d82 ID chybujícího
procesu: 0x15e0 Čas spuštění chybující aplikace: 0x01cfc8e11b64608e Cesta k chybující
aplikaci: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe ID zprávy:
beb0c357-34d4-11e4-bf25-50b7c33aa934 Úplný název chybujícího balíčku: ID aplikace
související s chybujícím balíčkem:
Error - 5. 9. 2014 4:55:00 | Computer Name = Tom | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Název chybujícího modulu: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Kód výjimky: 0xc0000005 Posun chyby: 0x002a4d82 ID chybujícího
procesu: 0x11e8 Čas spuštění chybující aplikace: 0x01cfc8e242295aa9 Cesta k chybující
aplikaci: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe ID zprávy:
51478088-34da-11e4-bf25-50b7c33aa934 Úplný název chybujícího balíčku: ID aplikace
související s chybujícím balíčkem:
Error - 5. 9. 2014 4:55:14 | Computer Name = Tom | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Název chybujícího modulu: Audition.exe, verze: 3.0.7283.0, časové
razítko: 0x470d9498 Kód výjimky: 0xc000041d Posun chyby: 0x002a4d82 ID chybujícího
procesu: 0x11e8 Čas spuštění chybující aplikace: 0x01cfc8e242295aa9 Cesta k chybující
aplikaci: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Adobe Audition 3.0\Audition.exe ID zprávy:
593381d7-34da-11e4-bf25-50b7c33aa934 Úplný název chybujícího balíčku: ID aplikace
související s chybujícím balíčkem:
Error - 5. 9. 2014 5:02:31 | Computer Name = Tom | Source = Application Hang | ID = 1002
Description = Program backgroundTaskHost.exe verze 6.3.9600.16384 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 3f0 Čas spuštění: 01cfc8e70ffc5608 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\WINDOWS\system32\backgroundTaskHost.exe ID hlášení: 5cfdfe11-34db-11e4-bf25-50b7c33aa934
Úplný
název chybujícího balíčku: 43255RavenRevolt.Czechsportnews_1.0.0.12_x64__jq9gdnk9pj0cm
ID
aplikace související s chybujícím balíčkem: App
Error - 5. 9. 2014 17:44:22 | Computer Name = Tom | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 5. 9. 2014 18:03:48 | Computer Name = Tom | Source = Application Hang | ID = 1002
Description = Program backgroundTaskHost.exe verze 6.3.9600.16384 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 1ed8 Čas spuštění: 01cfc95435169db8 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\WINDOWS\system32\backgroundTaskHost.exe ID hlášení: 820cfb43-3548-11e4-bf25-50b7c33aa934
Úplný
název chybujícího balíčku: 43255RavenRevolt.Czechsportnews_1.0.0.12_x64__jq9gdnk9pj0cm
ID
aplikace související s chybujícím balíčkem: App
[ System Events ]
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
Error - 2. 5. 2014 6:22:42 | Computer Name = Tom | Source = DCOM | ID = 10010
Description =
< End of report >
Re: preventivka
Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivka
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2014/09/08 11:37:34
-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller [ATA]
- Hitachi HTS545050A7E380 SATA Disk Device
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS545050A7E380 : 500,1 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) Hitachi HTS545050A7E380
----------------------------------------------------------------------------
Model : Hitachi HTS545050A7E380
Firmware : GG2OA6C0
Serial Number : TE85113RJ3YU0R
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300
Power On Hours : 3706 hod.
Power On Count : 1790 krát
Temparature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4001h [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 241 241 _33 000F00000001 Čas na roztočení ploten
04 _90 _90 __0 0000000040E4 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _92 _92 __0 000000000E7A Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 __0 0000000006FE Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000001 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000005 Počet vypnutí disku
C1 _83 _83 __0 00000002A59A Počet cyklů načítání/vymazání
C2 187 187 __0 003000090020 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 5445 3835 3352 3352 4A33 5955 3052
020: 0003 4000 0004 4747 324F 4330 4330 4869 7461 6368
030: 6920 4854 5335 3435 3035 3745 3745 3338 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1706 1706 0000 005E 004C
080: 01FC 0028 746B 7D69 6163 BC49 BC49 6163 407F 0032
090: 0033 4001 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 6003 6003 826C 5000 CCA6
110: F7DD FC03 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 2182 1CF1 FA00 4000 4000 0400 0003 0000
140: 0000 0702 0802 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 3232 4236 0000 0000 0000 5DBD 2518 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 4CA5
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2014/09/08 11:37:34
-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller [ATA]
- Hitachi HTS545050A7E380 SATA Disk Device
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS545050A7E380 : 500,1 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) Hitachi HTS545050A7E380
----------------------------------------------------------------------------
Model : Hitachi HTS545050A7E380
Firmware : GG2OA6C0
Serial Number : TE85113RJ3YU0R
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300
Power On Hours : 3706 hod.
Power On Count : 1790 krát
Temparature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4001h [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 241 241 _33 000F00000001 Čas na roztočení ploten
04 _90 _90 __0 0000000040E4 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _92 _92 __0 000000000E7A Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 __0 0000000006FE Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000001 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000005 Počet vypnutí disku
C1 _83 _83 __0 00000002A59A Počet cyklů načítání/vymazání
C2 187 187 __0 003000090020 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 5445 3835 3352 3352 4A33 5955 3052
020: 0003 4000 0004 4747 324F 4330 4330 4869 7461 6368
030: 6920 4854 5335 3435 3035 3745 3745 3338 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1706 1706 0000 005E 004C
080: 01FC 0028 746B 7D69 6163 BC49 BC49 6163 407F 0032
090: 0033 4001 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 6003 6003 826C 5000 CCA6
110: F7DD FC03 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 2182 1CF1 FA00 4000 4000 0400 0003 0000
140: 0000 0702 0802 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 3232 4236 0000 0000 0000 5DBD 2518 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 4CA5
Re: preventivka
Napiste mi velikost adresare plochy (C:\Users\Tomas\Desktop)
Vypnete antivir, at nebrani programu v praci. Znovu spustte OTL jako spravceDo spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]
:services
AdobeARMservice
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1499688777-3318823800-151401397-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
[2013/01/24 18:53:28 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[5 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[20 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Quick Starter"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivka
> Velikost adresáře Plochy : 3.76 GB
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default.migrated
User: Public
User: Tomas
->Temp folder emptied: 6418086 bytes
->Temporary Internet Files folder emptied: 97069716 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 375751835 bytes
->Opera cache emptied: 27963814 bytes
->Flash cache emptied: 4404 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12491292 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 73531393 bytes
Total Files Cleaned = 566,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Default.migrated
User: Public
User: Tomas
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1499688777-3318823800-151401397-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\Plugins folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\modules folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\META-INF folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\lib folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults\preferences folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\sl folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib\jquery.alerts\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib\jquery.alerts folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\core folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\404 folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\spsd\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\spsd folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\spbd\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\spbd folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\msd folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\api folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\res folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} folder moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Program Files\office.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6C35.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7834.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAC15.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC71C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE7A5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP38D5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5A80.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI14E3.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI2341.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI2530.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI2881.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI340D.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI3585.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI3835.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI3D66.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI4362.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI448C.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI5932.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI85EE.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIAB3A.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIC1DF.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIC5B5.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSID255.tmp deleted successfully.
C:\WINDOWS\Installer\MSID69E.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIE6DC.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIE7F6.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIF93A.tmp- folder deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Quick Starter deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 09082014_145011
Files\Folders moved on Reboot...
C:\Users\Tomas\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_c2ruidll(2014090422320972C).log not found!
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_streamserver(2014090422320972C).log not found!
C:\WINDOWS\temp\TOM-20140904-2232.log moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default.migrated
User: Public
User: Tomas
->Temp folder emptied: 6418086 bytes
->Temporary Internet Files folder emptied: 97069716 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 375751835 bytes
->Opera cache emptied: 27963814 bytes
->Flash cache emptied: 4404 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12491292 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 73531393 bytes
Total Files Cleaned = 566,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Default.migrated
User: Public
User: Tomas
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1499688777-3318823800-151401397-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\Plugins folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\modules folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\META-INF folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\lib folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults\preferences folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\sl folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib\jquery.alerts\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib\jquery.alerts folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\core folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\404 folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\spsd\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\spsd folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\spbd\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\spbd folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\sp folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\msd folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js\resources folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\api folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\res folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\css folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome folder moved successfully.
C:\Users\Tomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} folder moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Program Files\office.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6C35.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7834.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAC15.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC71C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE7A5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP38D5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5A80.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI14E3.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI2341.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI2530.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI2881.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI340D.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI3585.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI3835.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI3D66.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI4362.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI448C.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI5932.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI85EE.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIAB3A.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIC1DF.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIC5B5.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSID255.tmp deleted successfully.
C:\WINDOWS\Installer\MSID69E.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIE6DC.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIE7F6.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSIF93A.tmp- folder deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Quick Starter deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 09082014_145011
Files\Folders moved on Reboot...
C:\Users\Tomas\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_c2ruidll(2014090422320972C).log not found!
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_streamserver(2014090422320972C).log not found!
C:\WINDOWS\temp\TOM-20140904-2232.log moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Přispějete na provoz fóra?
