VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

samovolné spouštění IE - vyvolání nechtěných reklam

https://forum.viry.cz:443/viewtopic.php?t=143256

Stránka 1 z 2

samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 27 úno 2015 18:09
od Devil818
Dobrý den, prosím o pomoc. Do PC jsem si zatáhl zřejmě jeden či více virů, bohužel mou hloupostí po spuštění programů, které jsem stáhl z nejmenovaných volných www.xxxx.
V té době jsem používal pouze Firewall od WIN7 a antivir Esential. Po sledování divného chování PC jsem vyzkoušel nainstalovat AVG 30 denní verzi, něco v PC objevilo a odstranilo. Nyní asi zásadní problém je samovolné spuštění IE při spuštění jiného prohlížeče, třeba Chrome, IE je spuštěn v procesech třeba i několikrát a po nějaké době začne PC samo mluvit a někde v procesu na pozadí běží nějaká reklama. Dále jsem dle doporučení Vašich stránek nainstaloval ZoneAlarm a antivir Avira (předchozí jsem samozřejmě odinstaloval) problém nevyřešen. Pomocí Microsoft Safety Scanner jsem zjistil, že v PC je Win32/Obfuscator.XZ. Prosím o radu jak pokračovat dál k úspěšnému odstranění havěti v mém PC. Zde přikládám asi základní Log. Předem děkuji za pomoc.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Devil at 2015-02-27 17:50:47
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 38 GB (5%) free of 715 GB
Total RAM: 8067 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:50:56, on 27.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\AbineSDK\IE\DNTPService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Devil.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\bh\zonealarm.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: {538793D5-659C-4639-A56C-A179AD87ED44} (Cisco AnyConnect Secure Mobility Client Web Control) - https://vpn.cd.cz/CACHE/stc/1/binaries/vpnweb.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Úložná technologie Intel® Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 14389 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a6debd98-470b-4cfa-a21a-8f2dd4bc8e81 -SystemEventPortName:HostProcess-032d2a76-af30-448b-a424-39b41e13f5ef -IoCancelEventPortName:HostProcess-e1ae28bb-1457-4a96-85ef-0f2af907fb3d -NonStateChangingEventPortName:HostProcess-127f161a-8796-43c0-9cd5-2db4d9e3ce29 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ca1699f8-ebc6-4dc7-a5e8-cf856d0ed2be -DeviceGroupId:
atieclxx
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\system32\WLANExt.exe 24291552
\??\C:\Windows\system32\conhost.exe "-1878423567669678144-337637966972105572-11041349871227816141981091676-1823255785
"C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe"
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\system32\hasplms.exe -run
"taskhost.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\valWBFPolicyService.exe
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
\??\C:\Windows\system32\conhost.exe "1664001727-659332945-391982504-1729451834-148661276-836737647-11700332691007683835
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000084c
WLIDSvcM.exe 2912
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\totalcmd\TOTALCMD.EXE"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\system32\wuauclt.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5644.0.272262242\1133832235" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x6840 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.933.3.4000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="5644.1.961347002\538758150" /prefetch:673131151

"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe" --type=renderer --no-sandbox --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=en-US --uncaught-exception-stack-size=1024 --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3552.1.1916097395\1386819488" /prefetch:673131151
"C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe" --type=renderer --no-sandbox --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=en-US --uncaught-exception-stack-size=1024 --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3552.2.806964796\1729304049" /prefetch:673131151
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -noframemerging about:blank
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6364 CREDAT:275457 /prefetch:2
ctfmon.exe
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe" /medium
"C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\AbineSDK\IE\DNTPService.exe" -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1708710939-2559178541-428600725-10007_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1708710939-2559178541-428600725-10007 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="5644.10.2141052622\418957291" /prefetch:673131151
"C:\Users\Devil\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 27 úno 2015 19:04
od Rudy
Zdravím!
Jak to vypadá s legalitou vašeho OS?

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 27 úno 2015 19:15
od Devil818
OS je legalne zakoupen WIN 7 profesional, vlastnim original cd i aktivacni kod

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 27 úno 2015 19:52
od Rudy
OK. Zkusíme tento postup:

Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
a klikněte na >Prohledat<. Dejte oba logy.

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 28 úno 2015 01:36
od Devil818
OTL Extras logfile created on: 27.2.2015 21:51:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Devil\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17633)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,88 Gb Total Physical Memory | 4,82 Gb Available Physical Memory | 61,17% Memory free
15,75 Gb Paging File | 11,86 Gb Available in Paging File | 75,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,54 Gb Total Space | 37,33 Gb Free Space | 5,34% Space Free | Partition Type: NTFS

Computer Name: WORKPC | User Name: Devil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1708710939-2559178541-428600725-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B655C4-385F-45F8-8A7F-41EE0A5FDA12}" = rport=10243 | protocol=6 | dir=out | app=system |
"{04610EB8-22BA-4983-BBE5-FDEB4F67B0B3}" = rport=138 | protocol=17 | dir=out | app=system |
"{0758486D-65C7-4F6B-8893-2CEC29AC239A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0FC3037F-A05F-4EF7-BA0D-45B5EA336A46}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{11945E6E-CAC8-4CF9-A410-7B137B9A304F}" = lport=139 | protocol=6 | dir=in | app=system |
"{1E6AB1DF-FC45-439D-A9ED-1E8519962F26}" = lport=445 | protocol=6 | dir=in | app=system |
"{26FB52D3-7E9B-4EF4-85B9-67B055A9DC05}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{37ACA9EF-9E3D-4EED-825A-247B7D3E32A9}" = rport=445 | protocol=6 | dir=out | app=system |
"{3A3CE3AB-75B6-4FDF-8052-A6FE23968724}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3E41A3E6-A7DB-4219-98F9-CCB761F91511}" = lport=137 | protocol=17 | dir=in | app=system |
"{416A87C4-DD8A-4EEB-899B-FDE32BA5B76F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4653BB75-1FF9-40C9-BEBE-0354177B3C1F}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{54C741D0-8392-4950-8D63-13ABF72FEA9A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{60ABF35A-C0C4-4536-B088-C8C07D0B95E0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6948A0BD-BCB3-407A-AE9B-B6CA08272BA1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{6DCFEE7E-18FA-4098-9C41-2C78E88C398D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6E0E2E04-24A8-4B2D-8D20-831D19E53891}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{781F1352-D4BB-42CD-B655-6BA825523E24}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{7A842E7C-B85C-405C-8A86-5795D6EC587A}" = rport=139 | protocol=6 | dir=out | app=system |
"{8A58C5F7-D10B-465F-BF28-91CCC48113A1}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{8B671621-4C08-4E91-85F2-307C9095D6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{8E9E22BD-BDAB-433A-88A3-24D1E27C66E5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B3E678E4-5BD4-4179-BBAE-E9DAB3EE91EE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B79524CF-9B76-493C-8B3D-926ED0E4364C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C45228BC-234E-4661-8628-6BA9E204A8AB}" = lport=138 | protocol=17 | dir=in | app=system |
"{D7CCF856-DD2F-4645-A955-C729BEC69F1F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D986674E-3A8B-4E87-A546-A821F1646BBB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E84C7081-2210-44C4-8241-35D7FD961B1D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FB3C758E-5194-4C3D-9CE7-D20E329C2CAD}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06FCA837-7C3E-415A-83A5-53B6133FD3B5}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{111CE031-E527-40DD-8FC5-0F4F4A910C73}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{14650839-5276-4CF9-97D7-F35D12F27A98}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1C449AAB-E497-4D8B-A29D-60546780E275}" = protocol=6 | dir=in | app=c:\program files (x86)\checkpoint\zonealarm\vsmon.exe |
"{249D2674-A644-490F-928C-13692E1BE384}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{25B5516E-BF17-4EF5-A407-50AA73FFDDB3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2DE71E5A-B0E9-4E34-A7E9-B2FB0C64AEEF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{34CB04E0-CCA0-48E7-8FEB-E2549CC496C5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{38E01979-8654-470F-A138-78B40F9E9555}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3BCD0F3C-468C-486F-8247-CD49F31D23A2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{3CB6910D-9B4A-41CE-8197-C8F1D405BF13}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4597FE56-8A8E-42C8-8C90-210952E6EE61}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{50F3721F-D424-4516-9C4B-9CE009F535BC}" = dir=in | app=c:\windows\system32\hasplms.exe |
"{608EA2C4-0B9C-401A-83A8-4065E5CBBF5A}" = dir=in | app=c:\windows\system32\hasplms.exe |
"{66C5E4A6-9CD1-41AB-8094-EDD4601FE6EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{698FEB8A-2C1A-46AD-AF77-C12EDA759298}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{6EB8B797-125E-4E73-BEEF-946BF862E8DB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7776B74E-CDC4-4E10-83A6-90C90EF830BE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8692EEA0-2906-4665-A9C2-2F138BB1B69A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9085B325-5BF9-4AE2-8881-1779E50456D7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{9279FB3E-C17A-4581-97F1-D2CF611E95AC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{9E9D3219-9CBD-4A6D-8726-50F5DD73D5CD}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{A43A82D7-73F6-4B04-BCBA-A5C252860A64}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{A5D8DA8A-7BD6-4412-85F4-72CF260F6E42}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B4F5C059-D3F7-4ED8-ACE0-7D179AD78ADC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BB8C98F0-7162-4A44-BD14-16B6CCB85232}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{BC3DFD98-0911-4B79-A9C3-FA28F3E153C8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{BCBB2479-3DB3-4770-930F-510342681F1F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BD6EA2BF-A5C7-4104-8943-D8C559D99DE4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BFE940E2-ACD8-4D38-A109-0D5F17830E1E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{C5CACB70-DA5D-473C-B477-63057FB6442F}" = protocol=17 | dir=in | app=c:\program files (x86)\checkpoint\zonealarm\vsmon.exe |
"{C671D94C-6A9F-45BD-BCB6-6897039488A8}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{C729F935-4F6F-4368-BD39-B02D076B7FC9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C93C3EE0-FDE2-4B1E-9325-AB6554B04C53}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CD80753C-5E09-4435-84A9-8D7AAC475A2E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D08FEDE0-8E77-4699-BB42-0F626EB6AF78}" = protocol=17 | dir=in | app=c:\program files (x86)\checkpoint\zonealarm\vsmon.exe |
"{D0D96904-DB59-45EA-A279-7CBD14D96370}" = dir=in | app=c:\windows\system32\hasplms.exe |
"{D0E61947-27D3-4E4C-A726-3A701904F729}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{DD5AC5B1-9C80-48E8-A00F-1094823B57ED}" = protocol=6 | dir=in | app=c:\program files (x86)\checkpoint\zonealarm\vsmon.exe |
"{E507A139-A16F-433F-911C-ACB6A494E980}" = protocol=6 | dir=out | app=system |
"{F169ACF2-7FE9-45D5-851D-A68F40E2F639}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F6958E2B-96DA-47F5-963B-05783A5068D0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{F79813FE-FEF4-42AB-B2E1-AA8F0E01151B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FED4B8A6-2A05-4650-95C5-A92C83029C34}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Prostředí Windows XP Mode
"{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb" = GOG.com Heroes of Might and Magic 3
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{2FBB71EF-2B9E-C874-6F63-5220507EE9FC}" = ccc-utility64
"{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap
"{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{5596D45A-FF2F-F8EF-8A43-5723A9C8CDFF}" = AMD AVIVO64 Codecs
"{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 - English
"{5783F2D7-D001-0409-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack - English
"{5783F2D7-D001-0409-2102-0060B0CE6BBA}" = AutoCAD 2014 - English
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.2 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = WIDCOMM Bluetooth Software
"{C48AF3CF-C632-3C19-838E-7DAB7283D46A}" = Microsoft .NET Framework 4.5.2 (CSY)
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D2EBABAC-7DA0-FAD4-7FAE-8D3C2EA779F3}" = AMD Catalyst Install Manager
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"AutoCAD 2014 - English" = Autodesk AutoCAD 2014 - English
"Autodesk ReCap" = Autodesk ReCap
"CCleaner" = CCleaner
"D3D5243E35F0E912D4EBC814E30F950D23D4C15B" = Balíček ovladače systému Windows - Broadcom (BcmVWL) Net (10/21/2011 6.20.55.1)
"DW WLAN Card Utility" = DW WLAN Card Utility
"Elantech" = Dell Touchpad
"MediaInfo" = MediaInfo 0.7.72
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"PC-Doctor for Windows" = Dell SupportAssist

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C2381E-E648-6E04-47AD-7CD36E1F148D}" = CCC Help Japanese
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{034D5ABF-A7C7-3E7D-97DE-65F09EEF5A33}" = Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (čeština)
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05660232-BD64-EA97-791B-4220E0FC753C}" = CCC Help English
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Free 9.0
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{0C35B2D7-8F4B-4EEC-8B90-BDC19E0E6312}" = Logicator for PIC micros
"{15B52B00-5330-CEF8-0C74-0E0890EB22BA}" = CCC Help Dutch
"{15BFD731-A10E-43E9-9D18-0F682BC0480F}" = Photo Common
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1770B512-D768-92E1-53AA-E6491401F98A}" = CCC Help Russian
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19E8AE59-4D4A-3534-B567-6CC08FA4102E}" = Microsoft .NET Framework 4.5.2 Multi-Targeting Pack
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{260D380B-BA85-F4E0-5B3C-99195B7B3EB5}" = CCC Help German
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2A414CBE-CDF3-48C6-A91B-D3D4522F8EB5}" = Sentinel Runtime
"{32BB5E7C-204A-5E24-0250-851BE3D4E294}" = CCC Help Finnish
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2CF65C-B544-4308-B996-700D3E5F6C4C}" = Movie Maker
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{428A38D6-791D-4FE5-BA82-D093D26D1D9F}" = Programming Editor
"{462A1E00-58EA-4D63-96F4-3EFAEC9A5BCA}" = Avira
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F33252D-CB08-8AB5-A488-82C1D0B54622}" = CCC Help Korean
"{5058B085-AA79-41E5-A726-681B4C4B846E}" = ACDSee 5.0 PowerPack
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{51FDC2DE-0917-46B7-EAEC-5377504701DE}" = PowerXpressHybrid
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5FE0441B-A340-E612-A9F8-44EFB53ED191}" = CCC Help Chinese Standard
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{616C96AC-9B4B-4446-8583-A10C2FDA24A4}" = ZoneAlarm Firewall
"{61C559D2-5039-4970-A42C-EDD50E23943C}" = Catalyst Control Center - Branding
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{63A9253B-9FFE-F430-DDF4-C414B58D8B1D}" = CCC Help Spanish
"{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{74ABBA2E-1A82-E46E-FF0B-2F830E60B418}" = Catalyst Control Center InstallProxy
"{7AA2C7DA-ECDD-46CC-9716-313B0EA050EB}_is1" = PolarEditOctagon 10x8 v 0.7.2.7
"{7C222DD9-097A-4E53-B8BD-883B68D9537A}" = Cisco AnyConnect Secure Mobility Client
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{819E24AA-DB15-4BA8-8D76-92BDF710610B}" = Adobe Setup
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{838A9A22-30DE-D6E2-86E9-5923114D5FFA}" = Catalyst Control Center Profiles Mobile
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E44476E-11BF-41A5-A457-266FD27F344D}" = ZoneAlarm Security
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}" = Windows Live Essentials
"{9BBFB282-2871-B5E6-1FDE-55309355AD39}" = CCC Help Swedish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}" = ST Microelectronics 3 Axis Digital Accelerometer Solution
"{9F8FDE1A-FA91-43F2-887B-CF080156D57E}" = Adobe Setup
"{9FCCAFDC-4678-B87E-371E-EBCB1BB41F5B}" = CCC Help Danish
"{A502A400-0CEF-42E6-BC7B-39B249703CFC}" = MainConcept DV Codec
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Czech
"{B0B398F4-FF47-7F9D-0C9E-5C762DEC6D25}" = CCC Help French
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{bd538030-07d4-4999-a525-7fafa2483f56}" = Avira
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager
"{C3E7D4E3-6551-C8A4-7D68-6D5E298D55C3}" = CCC Help Portuguese
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{C9B43FEB-41D1-980E-4DAD-303EAA42915B}" = Catalyst Control Center
"{CBAC9563-31EC-EBAF-245A-BD5D6980A289}" = CCC Help Norwegian
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D3BC949B-4CA0-64B3-B88C-E13F45E07DCD}" = CCC Help Italian
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{DAE6ACFB-04E0-5960-4EC9-635E4572F66A}" = PX Profile Update
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DED623A4-B8BB-5A9C-5178-4E89A66D6AC8}" = CCC Help Chinese Traditional
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}" = Windows Live UX Platform Language Pack
"{EAE153AD-5864-A890-B5C9-1114E17E13CC}" = Catalyst Control Center Localization All
"{EC68232E-C74E-4F1A-B296-DFD2E1944E10}" = Adobe Setup
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = Conexant HD Audio
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F37D360D-9308-4BB1-8515-DC6B637B9486}" = Fotogalerie
"{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe_26b63376f4efc354dae41af6b5e3343" = Adobe Premiere Pro CS4
"Adobe_5eba9bbdf1514a06b1a4c79a2920188" = Adobe Media Encoder CS4 Exporter
"Adobe_6e02d32c7e5a9d9fc86bc91618cafda" = Adobe Premiere Pro CS4 Third Party Content
"Adobe_7774cb1e022c49962995a9014500066" = Adobe Media Encoder CS4 Importer
"Autodesk Content Service" = Autodesk Content Service
"AVG Web TuneUp" = AVG Web TuneUp
"Avira AntiVir Desktop" = Avira Free Antivirus
"Avira System Speedup_is1" = Avira System Speedup 1.6
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"GOGPACKHOMM3COMPLETE_is1" = Heroes of Might and Magic 3 Complete
"Google Chrome" = Google Chrome
"InstallShield_{A502A400-0CEF-42E6-BC7B-39B249703CFC}" = MainConcept DV Codec
"MiniTool Power Data Recovery_is1" = MiniTool Power Data Recovery
"Mosaic_Integrated_Development_Environment_is1" = Mosaic 2014.3
"New LEGO Digital Designer" = LEGO Digital Designer
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PSPad editor_is1" = PSPad editor
"TeamViewer 9" = TeamViewer 9
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"zonealarm" = ZoneAlarm Security Toolbar
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1708710939-2559178541-428600725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"73f463568823ebbe" = Dell System Detect
"SeznamInstall" = Seznam Software
"zonealarm" = ZoneAlarm Security Toolbar

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20.2.2015 15:38:42 | Computer Name = WORKPC | Source = WinMgmt | ID = 10
Description =

Error - 20.2.2015 19:37:44 | Computer Name = WORKPC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\Bin64\SetACL64.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 20.2.2015 19:39:22 | Computer Name = WORKPC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.

Error - 21.2.2015 17:37:04 | Computer Name = WORKPC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Heroes3.exe, verze: 4.0.0.0, časové razítko:
0x39b83835 Název chybujícího modulu: Heroes3.exe, verze: 4.0.0.0, časové razítko:
0x39b83835 Kód výjimky: 0xc0000005 Posun chyby: 0x001ed91b ID chybujícího procesu:
0x1aa4 Čas spuštění chybující aplikace: 0x01d04e134c9e5478 Cesta k chybující aplikaci:
C:\GOG Games\Heroes of Might and Magic 3 Complete\Heroes3.exe Cesta k chybujícímu
modulu: C:\GOG Games\Heroes of Might and Magic 3 Complete\Heroes3.exe ID zprávy:
c65b83c6-ba11-11e4-92b5-f82fa8c73b6a

Error - 21.2.2015 17:37:09 | Computer Name = WORKPC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Heroes3.exe, verze: 4.0.0.0, časové razítko:
0x39b83835 Název chybujícího modulu: MP3DEC.ASI, verze: 3.0.0.0, časové razítko:
0x36910efa Kód výjimky: 0xc0000005 Posun chyby: 0x000018e5 ID chybujícího procesu:
0x1aa4 Čas spuštění chybující aplikace: 0x01d04e134c9e5478 Cesta k chybující aplikaci:
C:\GOG Games\Heroes of Might and Magic 3 Complete\Heroes3.exe Cesta k chybujícímu
modulu: C:\GOG Games\Heroes of Might and Magic 3 Complete\MP3DEC.ASI ID zprávy:
c968f647-ba11-11e4-92b5-f82fa8c73b6a

Error - 22.2.2015 14:34:15 | Computer Name = WORKPC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\Bin64\SetACL64.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 22.2.2015 14:35:51 | Computer Name = WORKPC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.

Error - 23.2.2015 6:34:55 | Computer Name = WORKPC | Source = WinMgmt | ID = 10
Description =

Error - 24.2.2015 3:48:42 | Computer Name = WORKPC | Source = WinMgmt | ID = 10
Description =

Error - 24.2.2015 15:59:34 | Computer Name = WORKPC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Photoshop.exe, verze: 8.0.0.0, časové razítko:
0x401f80df Název chybujícího modulu: Photoshop.exe, verze: 8.0.0.0, časové razítko:
0x401f80df Kód výjimky: 0xc0000005 Posun chyby: 0x00999f6a ID chybujícího procesu:
0x174c Čas spuštění chybující aplikace: 0x01d0506c3a4677b7 Cesta k chybující aplikaci:
C:\Program Files (x86)\Adobe\Photoshop CS\Photoshop.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\Adobe\Photoshop CS\Photoshop.exe ID zprávy: a6bc8851-bc5f-11e4-8e73-f82fa8c73b6a

Error - 24.2.2015 16:04:06 | Computer Name = WORKPC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: acad.exe, verze: 25.1.18.0, časové razítko:
0x5114be09 Název chybujícího modulu: mfc100u.dll, verze: 10.0.40219.325, časové
razítko: 0x4df2cfdb Kód výjimky: 0xc0000005 Posun chyby: 0x000000000022a6c5 ID chybujícího
procesu: 0x250 Čas spuštění chybující aplikace: 0x01d0500672a01b65 Cesta k chybující
aplikaci: C:\Program Files\Autodesk\AutoCAD 2014\acad.exe Cesta k chybujícímu modulu:
C:\Windows\system32\mfc100u.dll ID zprávy: 48d5a82f-bc60-11e4-8e73-f82fa8c73b6a

[ Broadcom Wireless LAN Events ]
Error - 12.1.2015 16:36:56 | Computer Name = WORKPC | Source = WLAN-Tray | ID = 0
Description = 21:36:56, Mon, Jan 12, 15 Error - Unable to set enhanced country code


Error - 12.1.2015 16:52:43 | Computer Name = WORKPC | Source = WLAN-Tray | ID = 0
Description = 21:52:43, Mon, Jan 12, 15 Error - Unable to set enhanced country code


Error - 12.1.2015 16:52:52 | Computer Name = WORKPC | Source = WLAN-Tray | ID = 0
Description = 21:52:52, Mon, Jan 12, 15 Error - Unable to set enhanced country code


Error - 13.1.2015 2:09:48 | Computer Name = WORKPC | Source = WLAN-Tray | ID = 0
Description = 07:09:48, Tue, Jan 13, 15 Error - Unable to set enhanced country code


Error - 13.1.2015 2:09:57 | Computer Name = WORKPC | Source = WLAN-Tray | ID = 0
Description = 07:09:57, Tue, Jan 13, 15 Error - Unable to set enhanced country code


Error - 13.1.2015 2:18:44 | Computer Name = WORKPC | Source = WLAN-Tray | ID = 0
Description = 07:18:44, Tue, Jan 13, 15 Error - Unable to set enhanced country code


Error - 13.1.2015 2:18:44 | Computer Name = WORKPC | Source = WLAN-Tray | ID = 0
Description = 07:18:44, Tue, Jan 13, 15 Error - Unable to set enhanced country code


Error - 13.1.2015 2:18:55 | Computer Name = WORKPC | Source = WLAN-Tray | ID = 0
Description = 07:18:55, Tue, Jan 13, 15 Error - Unable to set enhanced country code


Error - 13.1.2015 14:46:22 | Computer Name = WORKPC | Source = WLAN-Tray | ID = 0
Description = 19:46:22, Tue, Jan 13, 15 Error - Unable to set enhanced country code


Error - 13.1.2015 14:46:29 | Computer Name = WORKPC | Source = WLAN-Tray | ID = 0
Description = 19:46:29, Tue, Jan 13, 15 Error - Unable to set enhanced country code


[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 27.2.2015 12:31:56 | Computer Name = WORKPC | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
304 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31588316
(0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT

Error - 27.2.2015 12:31:56 | Computer Name = WORKPC | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
1655 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31588316
(0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT

Error - 27.2.2015 12:32:14 | Computer Name = WORKPC | Source = acvpnagent | ID = 67108866
Description = Function: CTlsTransport::OnTransportInitiateComplete File: .\IP\TlsTransport.cpp
Line:
384 Invoked Function: ISocketTransportCB::OnTransportInitiateComplete Return Code:
-31588316 (0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT

Error - 27.2.2015 12:32:14 | Computer Name = WORKPC | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
304 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31588316
(0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT

Error - 27.2.2015 12:32:14 | Computer Name = WORKPC | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
1655 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31588316
(0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT

Error - 27.2.2015 12:32:22 | Computer Name = WORKPC | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
304 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31588316
(0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT

Error - 27.2.2015 12:32:22 | Computer Name = WORKPC | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
1655 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31588316
(0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT

Error - 27.2.2015 12:32:22 | Computer Name = WORKPC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
1384 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899
(0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
not contact target

Error - 27.2.2015 12:32:22 | Computer Name = WORKPC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
777 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target

Error - 27.2.2015 12:32:22 | Computer Name = WORKPC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
230 Invoked Function: CNetEnvironment::testNetwork Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target

[ System Events ]
Error - 25.2.2015 18:10:42 | Computer Name = WORKPC | Source = Service Control Manager | ID = 7000
Description = Služba Hostitel diagnostického systému neuspěla při spuštění v důsledku
následující chyby: %%1115

Error - 25.2.2015 18:10:42 | Computer Name = WORKPC | Source = Service Control Manager | ID = 7000
Description = Služba Server neuspěla při spuštění v důsledku následující chyby:
%%1115

Error - 25.2.2015 18:10:42 | Computer Name = WORKPC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1115

Error - 25.2.2015 18:10:42 | Computer Name = WORKPC | Source = Service Control Manager | ID = 7038
Description = Služba PolicyAgent se nemohla přihlásit jako NT Authority\NetworkService
s aktuálně konfigurovaným heslem z důvodu následující chyby: %%50 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 25.2.2015 18:10:42 | Computer Name = WORKPC | Source = Service Control Manager | ID = 7000
Description = Služba Agent zásad protokolu IPsec neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 25.2.2015 18:10:42 | Computer Name = WORKPC | Source = Service Control Manager | ID = 7000
Description = Služba Funkčnost aplikací neuspěla při spuštění v důsledku následující
chyby: %%1115

Error - 25.2.2015 18:10:42 | Computer Name = WORKPC | Source = Service Control Manager | ID = 7038
Description = Služba Dhcp se nemohla přihlásit jako NT Authority\LocalService s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%50 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 25.2.2015 18:10:42 | Computer Name = WORKPC | Source = Service Control Manager | ID = 7000
Description = Služba Klient DHCP neuspěla při spuštění v důsledku následující chyby:
%%1069

Error - 25.2.2015 18:10:42 | Computer Name = WORKPC | Source = Service Control Manager | ID = 7001
Description = Služba Služba WinHTTP WPAD závisí na službě Klient DHCP, která neuspěla
při spuštění v důsledku následující chyby: %%1069

Error - 26.2.2015 6:40:42 | Computer Name = WORKPC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL


< End of report >

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 28 úno 2015 01:41
od Devil818
OTL logfile created on: 27.2.2015 21:51:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Devil\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17633)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,88 Gb Total Physical Memory | 4,82 Gb Available Physical Memory | 61,17% Memory free
15,75 Gb Paging File | 11,86 Gb Available in Paging File | 75,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,54 Gb Total Space | 37,33 Gb Free Space | 5,34% Space Free | Partition Type: NTFS

Computer Name: WORKPC | User Name: Devil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2015.02.27 21:48:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Devil\Downloads\OTL.exe
PRC - [2015.02.17 23:45:00 | 000,843,592 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015.01.22 21:07:11 | 003,081,752 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
PRC - [2015.01.22 21:07:11 | 001,850,392 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe
PRC - [2015.01.22 21:07:11 | 001,359,384 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
PRC - [2015.01.22 21:07:11 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe
PRC - [2015.01.19 12:06:46 | 000,126,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2015.01.19 12:06:40 | 000,182,520 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2014.12.19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.11.24 10:23:31 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014.11.24 10:23:22 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014.11.24 10:23:21 | 000,702,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014.11.19 16:35:41 | 000,707,984 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2014.11.19 16:35:26 | 000,562,576 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2014.11.15 00:08:52 | 000,309,704 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2014.09.12 19:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014.08.13 11:21:08 | 003,596,752 | ---- | M] (Check Point Software Technologies Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2014.08.13 11:19:52 | 000,137,352 | ---- | M] (Check Point Software Technologies Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2014.08.13 10:16:12 | 000,096,272 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
PRC - [2014.07.14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014.07.14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2013.07.04 05:46:40 | 000,297,336 | ---- | M] (Abine Inc.) -- C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\AbineSDK\IE\DNTPService.exe
PRC - [2012.12.21 03:27:56 | 000,291,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.12.13 17:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2012.11.19 12:15:20 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012.11.19 12:15:20 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.09.24 07:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE


========== Modules (No Company Name) ==========

MOD - [2015.02.18 21:43:11 | 000,133,120 | ---- | M] () -- C:\Users\Devil\AppData\Roaming\vopnffll\colers.dll
MOD - [2015.02.17 23:44:57 | 009,171,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
MOD - [2015.02.17 23:44:53 | 001,117,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
MOD - [2015.02.17 23:44:51 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
MOD - [2015.01.22 21:07:11 | 040,630,296 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\libcef.dll
MOD - [2015.01.22 21:07:11 | 003,081,752 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
MOD - [2015.01.22 21:07:11 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\log4cplusU.dll
MOD - [2014.11.19 16:36:09 | 000,063,376 | ---- | M] () -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
MOD - [2014.11.16 00:24:18 | 001,071,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\a3ab3961c1e2c3b98a3397d11eb38d2b\System.ServiceModel.Web.ni.dll
MOD - [2014.11.16 00:24:09 | 002,521,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\fe2cb2914ea1b581299e58364574a1c3\System.Data.Linq.ni.dll
MOD - [2014.11.16 00:23:59 | 001,033,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\277ac466da7add095f06cf9ce9b1d9d3\System.ComponentModel.Composition.ni.dll
MOD - [2014.11.16 00:23:52 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\9e42fe7c83345249b5dde1693d1bf8b5\PresentationFramework-SystemXml.ni.dll
MOD - [2014.11.16 00:23:52 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\92edcd808511b7f4b642f922f8ebc31c\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014.11.16 00:23:51 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\825c2900a23128a2fd3de768abc9b023\PresentationFramework-SystemData.ni.dll
MOD - [2014.11.16 00:23:30 | 002,964,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\893a4abb6db1e57c15f1f831cd6420e1\System.IdentityModel.ni.dll
MOD - [2014.11.16 00:23:28 | 000,392,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\dc6525681fbd6d2b2f1a66db7031f527\System.Xml.Linq.ni.dll
MOD - [2014.11.16 00:23:27 | 019,547,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\3d1acd5d42efed17d6c6ce2836a7403e\System.ServiceModel.ni.dll
MOD - [2014.11.16 00:23:17 | 000,026,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\0889e04be40c4352c1a3279b49ac2c86\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2014.11.16 00:23:00 | 000,362,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\61b4f6171008fd1ddd253ed2d1198096\IAStorUtil.ni.dll
MOD - [2014.11.16 00:22:59 | 002,803,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ad1a5e8488b493088c4317191604dc81\System.Runtime.Serialization.ni.dll
MOD - [2014.11.16 00:22:59 | 000,788,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\9d31dc037429437307aacdbcb88bab3c\System.ServiceModel.Internals.ni.dll
MOD - [2014.11.16 00:22:59 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\6e7ce9401fda1718a4b6e3a27e8de909\SMDiagnostics.ni.dll
MOD - [2014.11.15 20:16:25 | 018,753,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\d747bc7ada99b5060484e3095274c9d0\PresentationFramework.ni.dll
MOD - [2014.11.15 20:16:16 | 011,014,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b96f42b103d3455036bbeb8fee037931\PresentationCore.ni.dll
MOD - [2014.11.15 20:16:15 | 007,386,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\5b51c6c31291676944903acbbf711d8d\System.Data.ni.dll
MOD - [2014.11.15 20:16:14 | 012,895,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\bcc9a98d4cae057c7278f80d56836140\System.Windows.Forms.ni.dll
MOD - [2014.11.15 20:16:12 | 007,787,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a4066040e82329538bec1a194a222d93\System.Xml.ni.dll
MOD - [2014.11.15 20:16:11 | 006,982,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\32282378a8280af393b626510cf4a5b9\System.Core.ni.dll
MOD - [2014.11.15 20:16:10 | 003,904,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\96ef38bc80d4e36e0812ee749f90f435\WindowsBase.ni.dll
MOD - [2014.11.15 20:16:09 | 001,873,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b743aed31731aa473e125bb63f43b3f4\System.Xaml.ni.dll
MOD - [2014.11.15 20:16:08 | 001,639,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\53d0b6fa2fc28f7d50f84999fc2a1bbf\System.Drawing.ni.dll
MOD - [2014.11.15 20:16:08 | 000,458,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\5e3e26e6c81809aab854ea76a884fde2\PresentationFramework.Aero.ni.dll
MOD - [2014.11.15 20:16:07 | 000,967,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\8b7f1232264c4795152f77a2434c02ab\System.Configuration.ni.dll
MOD - [2014.11.15 20:16:07 | 000,218,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\3f0f817ec8615abe26906aa354a29e71\System.ServiceProcess.ni.dll
MOD - [2014.11.15 20:16:06 | 010,069,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\d18e2115a3270f89663fce831547f534\System.ni.dll
MOD - [2014.11.15 00:22:35 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\191cccca53af603f41564a8b3d0f7df2\IAStorCommon.ni.dll
MOD - [2014.11.14 22:36:53 | 000,146,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\de2a832558f95db343e443c365bd3575\System.Numerics.ni.dll
MOD - [2014.11.14 21:24:04 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013.07.04 05:46:38 | 000,598,392 | ---- | M] () -- C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\AbineSDK\IE\DNTPContentFilter.dll


========== Services (SafeList) ==========

SRV:64bit: - [2015.01.12 03:34:30 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.11.14 19:39:01 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
SRV:64bit: - [2014.11.11 22:12:11 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2014.10.01 19:54:24 | 000,319,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2014.07.24 22:36:00 | 000,049,040 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Windows\SysNative\valWBFPolicyService.exe -- (valWBFPolicyService)
SRV:64bit: - [2014.07.15 02:28:02 | 004,683,144 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012.03.05 18:38:54 | 000,952,608 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2012.03.05 00:38:52 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015.02.18 22:23:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2015.02.04 22:22:11 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.01.22 21:07:11 | 001,850,392 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe -- (vToolbarUpdater18.2.0)
SRV - [2015.01.19 12:06:40 | 000,182,520 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014.12.19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.12.11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.11.24 10:23:31 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014.11.24 10:23:22 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014.11.19 16:35:26 | 000,562,576 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2014.09.12 19:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014.08.13 11:21:08 | 003,596,752 | ---- | M] (Check Point Software Technologies Ltd.) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2014.08.13 10:16:12 | 000,096,272 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService)
SRV - [2014.07.14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014.07.14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014.04.11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012.12.13 17:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2012.11.19 12:15:20 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.09.07 14:06:26 | 002,464,400 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.03.19 12:14:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015.01.22 21:07:11 | 000,052,000 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014.11.24 10:23:23 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2014.11.24 10:23:22 | 000,131,608 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014.11.24 10:23:21 | 000,119,272 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014.11.19 16:09:52 | 000,112,496 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2014.11.11 22:12:13 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2014.11.11 22:12:12 | 000,615,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2014.11.11 22:12:12 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2014.11.11 22:12:12 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2014.11.11 22:12:12 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2014.11.11 22:12:12 | 000,021,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:64bit: - [2014.11.11 22:12:12 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2014.11.11 22:12:11 | 000,022,632 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2014.08.15 19:07:44 | 000,052,592 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64-6.sys -- (vpnva)
DRV:64bit: - [2014.08.13 10:16:02 | 000,450,456 | ---- | M] (Check Point Software Technologies Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2014.07.15 02:28:00 | 000,331,608 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2014.07.15 02:28:00 | 000,060,488 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp)
DRV:64bit: - [2014.07.15 02:27:58 | 000,162,136 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2014.07.15 02:27:58 | 000,091,784 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2014.04.14 21:07:44 | 000,359,688 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013.10.02 03:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.09.30 16:26:50 | 000,019,152 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013.09.30 16:26:48 | 000,012,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2013.08.01 15:11:56 | 000,303,624 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb)
DRV:64bit: - [2013.08.01 15:11:56 | 000,063,944 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\akshhl.sys -- (akshhl)
DRV:64bit: - [2012.12.04 16:51:12 | 000,791,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.12.04 16:51:12 | 000,020,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.12.04 16:51:10 | 000,358,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.11.19 12:10:38 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.11.19 12:10:36 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012.09.04 13:49:42 | 000,317,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012.09.04 13:49:42 | 000,019,600 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rtcrfilt64.sys -- (rtcrfilt64)
DRV:64bit: - [2012.08.23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.03.22 08:30:04 | 005,443,648 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012.03.19 12:02:02 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2012.03.19 12:02:02 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.03.14 06:31:36 | 000,067,184 | ---- | M] (STMicroelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ST_ACCEL.sys -- (ST_ACCEL)
DRV:64bit: - [2012.03.09 16:11:16 | 000,685,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.03.05 01:04:48 | 010,729,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.03.04 23:35:44 | 000,328,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.01 08:24:56 | 000,031,872 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2011.07.15 21:31:22 | 000,022,128 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010.11.21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 14:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 12:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 12:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009.07.14 01:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009.07.14 01:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.02.06 03:00:00 | 000,054,480 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007.07.31 19:04:48 | 000,090,112 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV - [2014.12.28 11:33:12 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Devil\Downloads
IE - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
IE - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
IE - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\..\SearchScopes\{559843EC-D735-463C-B943-97A2F75B9427}: "URL" = http://search.zonealarm.com/search?src= ... ver=&&r=72
IE - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... EB_csCZ614
IE - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://mysearch.avg.com/search?cid={1A ... 2015-01-22 21:07:50&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.2.0\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


[2015.02.08 20:23:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Devil\AppData\Roaming\Mozilla\Firefox\Profiles\QXlMKf9Q.default\extensions
[2015.02.08 20:23:49 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\Devil\AppData\Roaming\Mozilla\Firefox\Profiles\QXlMKf9Q.default\extensions\abs@avira.com
[2015.02.08 15:09:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2015.02.18 22:21:53 | 000,000,857 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\bh\zonealarm.dll (Check Point Software Technologies LTD)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Web TuneUp) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll (AVG)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Web TuneUp\vprot.exe ()
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies Ltd.)
O4 - HKU\.DEFAULT..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-18..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1708710939-2559178541-428600725-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\..Trusted Domains: dell.com ([]* in Důvěryhodné weby)
O16 - DPF: {538793D5-659C-4639-A56C-A179AD87ED44} https://vpn.cd.cz/CACHE/stc/1/binaries/vpnweb.cab (Cisco AnyConnect Secure Mobility Client Web Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DA65132-F339-4CBC-BC75-1E6DAF1FD87F}: DhcpNameServer = 10.0.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.02.07 21:04:36 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Windows\SysWow64\MCDVD_32.DLL (MainConcept AG)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.02.27 21:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_0215tb
[2015.02.27 17:50:47 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.02.27 17:50:47 | 000,000,000 | ---D | C] -- C:\rsit
[2015.02.19 16:10:37 | 000,000,000 | ---D | C] -- C:\a
[2015.02.18 22:33:30 | 000,054,480 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2015.02.18 22:33:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2015.02.18 22:31:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2015.02.18 22:31:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2015.02.18 22:30:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2015.02.18 22:29:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2015.02.18 22:29:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2015.02.18 22:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2015.02.18 21:50:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MainConcept
[2015.02.18 21:50:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MainConcept
[2015.02.18 21:43:11 | 000,000,000 | ---D | C] -- C:\Users\Devil\AppData\Roaming\vopnffll
[2015.02.18 21:04:39 | 000,000,000 | ---D | C] -- C:\Program Files\MediaInfo
[2015.02.18 19:37:00 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2015.02.18 19:35:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2015.02.18 19:33:20 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2015.02.18 19:33:20 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2015.02.18 19:31:57 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2015.02.18 19:31:57 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2015.02.18 19:30:28 | 000,000,000 | ---D | C] -- C:\Users\Devil\AppData\Local\Windows Live
[2015.02.18 19:30:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2015.02.18 18:32:22 | 000,000,000 | ---D | C] -- C:\Users\Devil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
[2015.02.18 16:34:57 | 000,000,000 | R--D | C] -- C:\Users\Devil\Virtual Machines
[2015.02.18 16:24:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2015.02.18 16:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2015.02.18 16:20:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcvmm.sys.mui
[2015.02.18 16:20:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcvmm.sys.mui
[2015.02.18 16:20:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcvmm.sys.mui
[2015.02.18 16:20:42 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpchbus.sys.mui
[2015.02.18 16:20:42 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpchbus.sys.mui
[2015.02.18 16:20:42 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpchbus.sys.mui
[2015.02.18 16:20:42 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpchbus.sys.mui
[2015.02.18 16:20:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcuxd.sys.mui
[2015.02.18 16:20:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcuxd.sys.mui
[2015.02.18 16:20:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcuxd.sys.mui
[2015.02.18 16:20:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcuxd.sys.mui
[2015.02.18 16:20:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcvmm.sys.mui
[2015.02.18 16:20:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpchbus.sys.mui
[2015.02.18 16:20:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpchbus.sys.mui
[2015.02.18 16:20:41 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpchbus.sys.mui
[2015.02.18 16:20:41 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpchbus.sys.mui
[2015.02.18 16:20:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcusb.sys.mui
[2015.02.18 16:20:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcusb.sys.mui
[2015.02.18 16:20:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcusb.sys.mui
[2015.02.18 16:20:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcusb.sys.mui
[2015.02.18 16:20:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcnfltr.sys.mui
[2015.02.18 16:20:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcnfltr.sys.mui
[2015.02.18 16:20:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcnfltr.sys.mui
[2015.02.18 16:20:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcnfltr.sys.mui
[2015.02.18 16:20:40 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcvmm.sys.mui
[2015.02.18 16:20:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcvmm.sys.mui
[2015.02.18 16:20:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcvmm.sys.mui
[2015.02.18 16:20:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcvmm.sys.mui
[2015.02.18 16:20:40 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpchbus.sys.mui
[2015.02.18 16:20:40 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpchbus.sys.mui
[2015.02.18 16:20:40 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpchbus.sys.mui
[2015.02.18 16:20:40 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpchbus.sys.mui
[2015.02.18 16:20:40 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpchbus.sys.mui
[2015.02.18 16:20:40 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcuxd.sys.mui
[2015.02.18 16:20:40 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcuxd.sys.mui
[2015.02.18 16:20:40 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcusb.sys.mui
[2015.02.18 16:20:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcuxd.sys.mui
[2015.02.18 16:20:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcuxd.sys.mui
[2015.02.18 16:20:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcusb.sys.mui
[2015.02.18 16:20:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcusb.sys.mui
[2015.02.18 16:20:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcusb.sys.mui
[2015.02.18 16:20:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcnfltr.sys.mui
[2015.02.18 16:20:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcnfltr.sys.mui
[2015.02.18 16:20:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcnfltr.sys.mui
[2015.02.18 16:20:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcnfltr.sys.mui
[2015.02.18 16:20:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcvmm.sys.mui
[2015.02.18 16:20:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcvmm.sys.mui
[2015.02.18 16:20:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcvmm.sys.mui
[2015.02.18 16:20:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcvmm.sys.mui
[2015.02.18 16:20:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcvmm.sys.mui
[2015.02.18 16:20:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcuxd.sys.mui
[2015.02.18 16:20:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcuxd.sys.mui
[2015.02.18 16:20:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcuxd.sys.mui
[2015.02.18 16:20:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcuxd.sys.mui
[2015.02.18 16:20:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcuxd.sys.mui
[2015.02.18 16:20:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcusb.sys.mui
[2015.02.18 16:20:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcusb.sys.mui
[2015.02.18 16:20:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcusb.sys.mui
[2015.02.18 16:20:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcnfltr.sys.mui
[2015.02.18 16:20:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcnfltr.sys.mui
[2015.02.18 16:20:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcnfltr.sys.mui
[2015.02.18 16:20:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcnfltr.sys.mui
[2015.02.18 16:20:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcnfltr.sys.mui
[2015.02.18 16:20:38 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcusb.sys.mui
[2015.02.18 16:20:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcusb.sys.mui
[2015.02.18 16:20:37 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcvmm.sys.mui
[2015.02.18 16:20:37 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcvmm.sys.mui
[2015.02.18 16:20:37 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcvmm.sys.mui
[2015.02.18 16:20:37 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcvmm.sys.mui
[2015.02.18 16:20:37 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpchbus.sys.mui
[2015.02.18 16:20:37 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpchbus.sys.mui
[2015.02.18 16:20:37 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpchbus.sys.mui
[2015.02.18 16:20:37 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpchbus.sys.mui
[2015.02.18 16:20:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcuxd.sys.mui
[2015.02.18 16:20:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcuxd.sys.mui
[2015.02.18 16:20:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcuxd.sys.mui
[2015.02.18 16:20:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcuxd.sys.mui
[2015.02.18 16:20:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcvmm.sys.mui
[2015.02.18 16:20:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcvmm.sys.mui
[2015.02.18 16:20:36 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcvmm.sys.mui
[2015.02.18 16:20:36 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpchbus.sys.mui
[2015.02.18 16:20:36 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpchbus.sys.mui
[2015.02.18 16:20:36 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpchbus.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcuxd.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcuxd.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcuxd.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcusb.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcusb.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcusb.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcusb.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcusb.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcusb.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcusb.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcnfltr.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcnfltr.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcnfltr.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcnfltr.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcnfltr.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcnfltr.sys.mui
[2015.02.18 16:20:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcnfltr.sys.mui
[2015.02.18 16:20:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcvmm.sys.mui
[2015.02.18 16:20:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcvmm.sys.mui
[2015.02.18 16:20:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcvmm.sys.mui
[2015.02.18 16:20:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcvmm.sys.mui
[2015.02.18 16:20:34 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpchbus.sys.mui
[2015.02.18 16:20:34 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpchbus.sys.mui
[2015.02.18 16:20:34 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpchbus.sys.mui
[2015.02.18 16:20:34 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpchbus.sys.mui
[2015.02.18 16:20:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcuxd.sys.mui
[2015.02.18 16:20:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcuxd.sys.mui
[2015.02.18 16:20:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcuxd.sys.mui
[2015.02.18 16:20:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcuxd.sys.mui
[2015.02.18 16:20:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcusb.sys.mui
[2015.02.18 16:20:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcusb.sys.mui
[2015.02.18 16:20:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcusb.sys.mui
[2015.02.18 16:20:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcusb.sys.mui
[2015.02.18 16:20:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcnfltr.sys.mui
[2015.02.18 16:20:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcnfltr.sys.mui
[2015.02.18 16:20:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcnfltr.sys.mui
[2015.02.18 16:20:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcnfltr.sys.mui
[2015.02.18 16:20:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys
[2015.02.18 16:20:21 | 002,264,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCWizard.exe
[2015.02.18 16:20:21 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCSettings.exe
[2015.02.18 16:20:21 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vmsal.exe
[2015.02.18 16:20:21 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMCPropertyHandler.dll
[2015.02.18 16:20:21 | 000,360,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys
[2015.02.18 16:20:21 | 000,194,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys
[2015.02.18 16:20:21 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys
[2015.02.18 16:20:21 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll
[2015.02.18 16:20:13 | 004,514,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpc.exe
[2015.02.18 16:20:12 | 001,210,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMWindow.exe
[2015.02.18 16:20:12 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmsal.exe
[2015.02.18 16:19:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2015.02.18 16:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode
[2015.02.17 20:04:49 | 006,041,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.02.17 20:04:49 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.02.17 20:04:49 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.02.14 18:05:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2015.02.14 18:04:40 | 000,000,000 | ---D | C] -- C:\GOG Games
[2015.02.14 17:55:05 | 000,000,000 | ---D | C] -- C:\Users\Devil\Desktop\Radim
[2015.02.11 21:50:37 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2015.02.11 21:49:49 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2015.02.11 20:07:21 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015.02.11 20:07:20 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015.02.11 20:07:11 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.02.11 20:07:01 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.02.11 20:07:01 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.02.11 20:07:00 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.02.11 20:07:00 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.02.11 20:07:00 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.02.11 20:07:00 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.02.11 20:07:00 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.02.11 20:07:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.02.11 20:07:00 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.02.11 20:06:59 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.02.11 20:06:58 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.02.11 20:06:58 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.02.11 20:06:58 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.02.11 20:06:58 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.02.11 20:06:58 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.02.11 20:06:58 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.02.11 20:06:58 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.02.11 20:06:58 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.02.11 20:06:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.02.11 20:06:57 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.02.11 20:06:57 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.02.11 20:06:57 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.02.11 20:06:56 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.02.11 20:06:56 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.02.11 20:06:56 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.02.11 20:06:56 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.02.11 20:06:56 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.02.11 20:06:55 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.02.11 20:06:55 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.02.11 20:06:54 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.02.11 20:06:53 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.02.11 20:06:53 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.02.11 20:05:26 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2015.02.11 20:05:21 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.02.11 20:05:21 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.02.11 20:05:21 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.02.11 20:05:21 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.02.11 20:05:21 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.02.11 20:05:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.02.11 20:05:21 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.02.11 20:05:21 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.02.11 20:05:21 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.02.11 20:05:20 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.02.11 20:05:20 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.02.11 20:05:20 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.02.11 20:00:43 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2015.02.11 20:00:14 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2015.02.11 20:00:14 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2015.02.11 20:00:06 | 005,554,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015.02.11 20:00:05 | 003,972,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015.02.11 20:00:04 | 003,917,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015.02.11 20:00:04 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015.02.11 20:00:04 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015.02.11 20:00:04 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015.02.10 20:27:32 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perftrack.dll
[2015.02.10 20:27:32 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powertracker.dll
[2015.02.08 20:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
[2015.02.08 20:57:25 | 000,000,000 | ---D | C] -- C:\Users\Devil\AppData\Local\AviraSpeedup
[2015.02.08 20:28:42 | 000,000,000 | ---D | C] -- C:\Users\Devil\AppData\Roaming\Avira
[2015.02.08 20:25:14 | 000,043,064 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2015.02.08 20:23:45 | 000,000,000 | ---D | C] -- C:\Users\Devil\AppData\Roaming\Mozilla
[2015.02.08 20:22:21 | 000,131,608 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2015.02.08 20:22:21 | 000,119,272 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2015.02.08 20:22:21 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2015.02.08 20:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2015.02.08 20:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2015.02.08 20:16:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2015.02.08 20:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2015.02.08 18:37:28 | 000,000,000 | ---D | C] -- C:\Users\Devil\AppData\Roaming\nzctrrzk
[2015.02.08 15:13:58 | 000,000,000 | ---D | C] -- C:\Users\Devil\AppData\Local\DoNotTrackPlus
[2015.02.08 15:11:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2015.02.08 15:09:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Check Point Software Technologies LTD
[2015.02.08 15:09:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015.02.08 15:09:21 | 000,000,000 | ---D | C] -- C:\Users\Devil\AppData\Roaming\Check Point Software Technologies LTD
[2015.02.08 15:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2015.02.08 15:08:15 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2015.02.08 10:50:20 | 000,000,000 | ---D | C] -- C:\Users\Devil\AppData\Roaming\SUPERAntiSpyware.com
[2015.02.08 10:50:20 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2015.02.08 01:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2015.02.08 00:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2015.02.07 21:04:03 | 000,000,000 | ---D | C] -- C:\Users\Devil\Start Menu
[2015.02.07 12:57:07 | 000,000,000 | ---D | C] -- C:\Users\Devil\AppData\Roaming\vlc
[2015.02.07 12:56:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2015.02.07 12:56:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2015.02.06 19:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Power Data Recovery 6.8
[2015.02.06 19:10:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerDataRecovery
[2015.02.06 18:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0
[2015.02.06 18:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
[2015.02.04 09:18:08 | 000,000,000 | ---D | C] -- C:\Users\Devil\AppData\Roaming\wimtundm
[2015.02.02 22:44:34 | 000,000,000 | ---D | C] -- C:\testdisk

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 28 úno 2015 01:42
od Devil818
========== Files - Modified Within 30 Days ==========

[2015.02.27 21:54:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.02.27 21:48:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.02.27 21:48:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.02.27 21:47:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.02.27 13:56:41 | 000,002,332 | ---- | M] () -- C:\Users\Devil\Documents\Švejda SŽDC.RDP
[2015.02.27 13:56:25 | 000,002,332 | -H-- | M] () -- C:\Users\Devil\Documents\Default.rdp
[2015.02.27 13:55:52 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.02.26 11:47:48 | 000,020,496 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.02.26 11:47:48 | 000,020,496 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.02.26 11:44:46 | 001,588,178 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.02.26 11:44:46 | 000,671,994 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.02.26 11:44:46 | 000,656,106 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.02.26 11:44:46 | 000,143,070 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.02.26 11:44:46 | 000,123,476 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.02.26 11:39:21 | 2049,458,175 | -HS- | M] () -- C:\hiberfil.sys
[2015.02.24 23:03:12 | 000,411,677 | ---- | M] () -- C:\580102-18-01 R22.6 Spojka S22.1 - Obvodové schéma-Model.pdf
[2015.02.22 19:46:17 | 000,007,664 | ---- | M] () -- C:\Users\Devil\AppData\Local\Resmon.ResmonCfg
[2015.02.20 18:42:40 | 000,008,192 | ---- | M] () -- C:\Users\Devil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015.02.18 22:55:43 | 003,092,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.02.18 22:21:53 | 000,000,857 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2015.02.18 16:34:55 | 000,001,401 | ---- | M] () -- C:\Users\Devil\Desktop\Virtual PC.lnk
[2015.02.12 19:01:56 | 000,073,011 | ---- | M] () -- C:\Users\Devil\Documents\Apalucha seznam věcí.pdf
[2015.02.08 20:23:51 | 000,043,064 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2015.02.08 15:33:55 | 000,009,734 | ---- | M] () -- C:\Users\Devil\Documents\cc_20150208_153351.reg
[2015.02.08 15:17:27 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2015.02.08 15:12:10 | 000,431,395 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2015.02.07 21:04:36 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2015.02.05 18:35:52 | 000,026,400 | ---- | M] () -- C:\Users\Devil\Documents\cc_20150205_183547.reg
[2015.02.04 22:22:10 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.02.04 22:22:10 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2015.02.27 21:54:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.02.27 13:56:41 | 000,002,332 | ---- | C] () -- C:\Users\Devil\Documents\Švejda SŽDC.RDP
[2015.02.24 23:03:11 | 000,411,677 | ---- | C] () -- C:\580102-18-01 R22.6 Spojka S22.1 - Obvodové schéma-Model.pdf
[2015.02.18 22:34:20 | 000,001,203 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CS4.lnk
[2015.02.18 22:33:32 | 000,001,131 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Encore CS4.lnk
[2015.02.18 22:32:36 | 000,001,179 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe OnLocation CS4.lnk
[2015.02.18 22:31:10 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
[2015.02.18 22:30:18 | 000,001,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
[2015.02.18 22:28:57 | 000,001,283 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
[2015.02.18 22:28:26 | 000,001,407 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
[2015.02.18 22:27:46 | 000,001,215 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk
[2015.02.18 21:04:39 | 000,000,913 | ---- | C] () -- C:\Users\Devil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
[2015.02.18 19:36:43 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2015.02.18 19:36:30 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2015.02.18 16:34:55 | 000,001,401 | ---- | C] () -- C:\Users\Devil\Desktop\Virtual PC.lnk
[2015.02.12 19:01:54 | 000,073,011 | ---- | C] () -- C:\Users\Devil\Documents\Apalucha seznam věcí.pdf
[2015.02.08 15:33:53 | 000,009,734 | ---- | C] () -- C:\Users\Devil\Documents\cc_20150208_153351.reg
[2015.02.08 15:11:53 | 000,431,395 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2015.02.07 21:04:36 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2015.02.07 17:01:56 | 000,007,664 | ---- | C] () -- C:\Users\Devil\AppData\Local\Resmon.ResmonCfg
[2015.02.06 18:38:14 | 003,066,880 | ---- | C] () -- C:\Windows\SysNative\pwNative.exe
[2015.02.06 18:38:14 | 000,019,152 | ---- | C] () -- C:\Windows\SysNative\pwdrvio.sys
[2015.02.06 18:38:13 | 000,012,504 | ---- | C] () -- C:\Windows\SysNative\pwdspio.sys
[2015.02.05 18:35:49 | 000,026,400 | ---- | C] () -- C:\Users\Devil\Documents\cc_20150205_183547.reg
[2015.01.12 22:12:33 | 000,008,192 | ---- | C] () -- C:\Users\Devil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.11.12 04:42:53 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2014.11.12 04:42:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014.11.12 04:40:51 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2014.11.12 04:40:50 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2014.11.12 04:40:48 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014.11.12 04:40:45 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2014.11.12 04:40:44 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014.11.12 04:40:44 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014.11.12 04:40:43 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014.11.11 19:43:19 | 001,563,100 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.10.01 19:54:10 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 03:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 03:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.02.21 23:14:51 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\.minecraft
[2015.01.12 22:00:16 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\ACD Systems
[2014.11.14 21:47:54 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Autodesk
[2015.02.08 15:09:22 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Check Point Software Technologies LTD
[2014.12.23 10:13:26 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\LEGO Company
[2015.02.08 18:37:28 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\nzctrrzk
[2014.12.07 21:35:12 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\PCDr
[2015.01.05 21:41:41 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Seznam.cz
[2015.02.09 22:54:35 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\TeamViewer
[2015.01.22 20:56:35 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\TuneUp Software
[2015.02.18 21:43:11 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\vopnffll
[2015.02.04 09:18:08 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\wimtundm
[2015.01.17 21:13:11 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\zpcscqdi

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,029,542 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.11.14 23:55:39 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.11.14 23:55:41 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.12.12 19:40:26 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2014.11.11 16:57:49 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2014.11.11 16:57:49 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

< >

< %systemroot%*.* /U /s >
[11 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[9 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2015.02.21 23:14:51 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\.minecraft
[2015.01.12 22:00:16 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\ACD Systems
[2015.02.24 21:10:14 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Adobe
[2014.11.12 04:49:31 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\ATI
[2014.11.14 21:47:54 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Autodesk
[2015.02.08 20:28:42 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Avira
[2015.02.08 15:09:22 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Check Point Software Technologies LTD
[2014.12.07 21:39:47 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Dell
[2014.11.16 15:33:16 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Google
[2014.11.10 21:16:32 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Identities
[2014.11.11 23:10:40 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\InstallShield
[2014.11.12 04:48:03 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Intel Corporation
[2014.12.23 10:13:26 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\LEGO Company
[2014.12.12 19:40:58 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Macromedia
[2011.04.12 09:45:27 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Media Center Programs
[2015.02.09 18:17:10 | 000,000,000 | --SD | M] -- C:\Users\Devil\AppData\Roaming\Microsoft
[2015.02.08 20:23:45 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Mozilla
[2015.02.08 18:37:28 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\nzctrrzk
[2014.12.07 21:35:12 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\PCDr
[2014.12.08 08:22:34 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\PSpad
[2015.01.05 21:41:41 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Seznam.cz
[2015.01.19 21:38:34 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Skype
[2015.02.08 10:50:20 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\SUPERAntiSpyware.com
[2015.02.09 22:54:35 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\TeamViewer
[2015.01.22 20:56:35 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\TuneUp Software
[2015.02.07 13:02:20 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\vlc
[2015.02.18 21:43:11 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\vopnffll
[2015.02.04 09:18:08 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\wimtundm
[2015.02.08 15:49:37 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\Winamp
[2015.01.17 21:13:11 | 000,000,000 | ---D | M] -- C:\Users\Devil\AppData\Roaming\zpcscqdi

< %APPDATA%\*.exe /s >
[2014.03.06 16:01:54 | 000,207,368 | ---- | M] (Check Point Software Technologies LTD) -- C:\Users\Devil\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall.exe
[2015.02.08 15:09:22 | 000,200,824 | ---- | M] (Check Point Software Technologies LTD) -- C:\Users\Devil\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall_d.exe
[2014.03.06 13:18:22 | 000,729,384 | ---- | M] (Check Point Software Technologies LTD) -- C:\Users\Devil\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm4ffx.exe
[2014.12.13 22:38:51 | 000,017,542 | R--- | M] () -- C:\Users\Devil\AppData\Roaming\Microsoft\Installer\{428A38D6-791D-4FE5-BA82-D093D26D1D9F}\NewShortcut4_4D22DA47239B4C1F834560F8C7CB3660.exe
[2014.12.13 22:38:50 | 000,061,440 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Devil\AppData\Roaming\Microsoft\Installer\{428A38D6-791D-4FE5-BA82-D093D26D1D9F}\NewShortcut5_401206B0408D47779A9166D9F91C75ED.exe
[2014.12.13 22:38:51 | 000,017,542 | R--- | M] () -- C:\Users\Devil\AppData\Roaming\Microsoft\Installer\{428A38D6-791D-4FE5-BA82-D093D26D1D9F}\New_Shortcut_S5781_4D22DA47239B4C1F834560F8C7CB3660.exe
[2014.12.13 22:38:51 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Devil\AppData\Roaming\Microsoft\Installer\{428A38D6-791D-4FE5-BA82-D093D26D1D9F}\New_Shortcut_S5784.exe
[2014.11.14 19:41:23 | 000,026,622 | R--- | M] () -- C:\Users\Devil\AppData\Roaming\Microsoft\Installer\{644E9589-F73A-49A4-AC61-A953B9DE5669}\ARPPRODUCTICON.EXE
[2014.11.14 19:43:10 | 000,026,622 | R--- | M] () -- C:\Users\Devil\AppData\Roaming\Microsoft\Installer\{C070121A-C8C5-4D52-9A7D-D240631BD433}\ARPPRODUCTICON.EXE
[2014.11.12 04:42:53 | 000,010,134 | R--- | M] () -- C:\Users\Devil\AppData\Roaming\Microsoft\Installer\{DAE6ACFB-04E0-5960-4EC9-635E4572F66A}\ARPPRODUCTICON.exe
[2014.11.14 19:43:12 | 000,026,622 | R--- | M] () -- C:\Users\Devil\AppData\Roaming\Microsoft\Installer\{F732FEDA-7713-4428-934B-EF83B8DD65D0}\ARPPRODUCTICON.EXE
[2013.12.19 22:19:02 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\Devil\AppData\Roaming\PCDr\Update\Rules\00e3bc05-deb3-42ba-b7ab-4d10efcff0d2\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\AddCertificate.exe
[2015.02.06 10:10:24 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\Devil\AppData\Roaming\PCDr\Update\Rules\17d68905-f8b7-4c05-a00b-db19b8f1e436\PCDoctor_6584.01_windows_appupdaterrules_dell\AddCertificate.exe
[2013.12.19 22:19:02 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\Devil\AppData\Roaming\PCDr\Update\Rules\196750be-9088-4334-b597-0350bad63f2d\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\AddCertificate.exe
[2013.12.19 22:19:02 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\Devil\AppData\Roaming\PCDr\Update\Rules\2280b196-ec7a-4fa9-bc6a-e6319a50cd7f\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\AddCertificate.exe
[2013.12.19 22:19:02 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\Devil\AppData\Roaming\PCDr\Update\Rules\31c85400-476d-44c6-9063-6da37179bd11\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\AddCertificate.exe
[2013.12.19 22:19:02 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\Devil\AppData\Roaming\PCDr\Update\Rules\43436822-eb1c-415c-836e-e225971571af\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\AddCertificate.exe
[2013.12.19 22:19:02 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\Devil\AppData\Roaming\PCDr\Update\Rules\7f1f2482-aab5-47d8-b9db-7b2ebfffc2c6\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\AddCertificate.exe
[2013.12.19 22:19:02 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\Devil\AppData\Roaming\PCDr\Update\Rules\8654afe1-6ab8-49b6-9c5c-eba19939338c\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\AddCertificate.exe
[2013.12.19 22:19:02 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\Devil\AppData\Roaming\PCDr\Update\Rules\9099581f-f81e-47b9-ad71-abfdd13065fc\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\AddCertificate.exe
[2013.12.19 22:19:02 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\Devil\AppData\Roaming\PCDr\Update\Rules\9b6d1388-4d1b-4f91-93bb-b0c46a9364c1\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\AddCertificate.exe
[2015.02.06 10:10:24 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\Devil\AppData\Roaming\PCDr\Update\Rules\a3fdd95d-c278-48df-8bef-19b2755b6084\PCDoctor_6584.01_windows_appupdaterrules_dell\AddCertificate.exe
[2013.12.19 22:19:02 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\Devil\AppData\Roaming\PCDr\Update\Rules\cdb97b56-4f92-47f9-8ed7-ac39ce96d4a3\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\AddCertificate.exe
[2013.05.16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Devil\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Devil\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.29 11:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Devil\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Devil\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Devil\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Devil\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\Devil\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 12:52:36 | 000,077,824 | ---- | M] () -- C:\Users\Devil\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2015.02.27 22:22:01 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2015.02.27 13:55:52 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.02.27 22:10:08 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015.02.27 17:20:23 | 000,576,704 | ---- | M] () -- C:\Windows\system32\debug.log

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2015.01.20 22:02:00 | 007,404,312 | ---- | M] (Piriform Ltd)
"swg" = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2014.11.14 23:56:09 | 000,039,408 | ---- | M] (Google Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015.01.14 06:09:46 | 000,815,288 | ---- | M] (Microsoft Corporation) MD5=363BC25BACB34E9D40441968B1B3D5BE -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2015.02.17 23:45:00 | 000,843,592 | ---- | M] (Google Inc.) MD5=B9D6D7E6E5C4FCD8DD7F88EC9D563085 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.02.27 21:54:44 | 000,000,512 | ---- | M] () MD5=58FB127D75037B935CDCEC5289DA8530 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.02.11 18:05:44 | 000,001,268 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\24.3.2013_mobil\Android\data\com.gameloft.android.ANMP.GloftPEHM\files\cracker.anim
[2013.02.11 18:05:44 | 000,020,180 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\24.3.2013_mobil\Android\data\com.gameloft.android.ANMP.GloftPEHM\files\cracker.rk
[2013.02.11 18:07:54 | 000,002,100 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\24.3.2013_mobil\Android\data\com.gameloft.android.ANMP.GloftPEHM\files\hdminus_p_paw_cracker.pvr
[2013.02.11 18:06:36 | 000,008,244 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\24.3.2013_mobil\Android\data\com.gameloft.android.ANMP.GloftPEHM\files\p_paw_cracker.pvr
[2013.01.23 19:01:00 | 000,001,268 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\24.3.2013_SDCARD\Android\data\com.gameloft.android.ANMP.GloftPEHM\files\cracker.anim
[2013.01.23 19:01:00 | 000,020,180 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\24.3.2013_SDCARD\Android\data\com.gameloft.android.ANMP.GloftPEHM\files\cracker.rk
[2013.01.23 19:03:52 | 000,002,100 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\24.3.2013_SDCARD\Android\data\com.gameloft.android.ANMP.GloftPEHM\files\hdminus_p_paw_cracker.pvr
[2013.01.23 19:01:46 | 000,008,244 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\24.3.2013_SDCARD\Android\data\com.gameloft.android.ANMP.GloftPEHM\files\p_paw_cracker.pvr
[2013.01.23 19:01:00 | 000,001,268 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\Android z SDCARD\data\com.gameloft.android.ANMP.GloftPEHM\files\cracker.anim
[2013.01.23 19:01:00 | 000,020,180 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\Android z SDCARD\data\com.gameloft.android.ANMP.GloftPEHM\files\cracker.rk
[2013.01.23 19:03:52 | 000,002,100 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\Android z SDCARD\data\com.gameloft.android.ANMP.GloftPEHM\files\hdminus_p_paw_cracker.pvr
[2013.01.23 19:01:46 | 000,008,244 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\Android z SDCARD\data\com.gameloft.android.ANMP.GloftPEHM\files\p_paw_cracker.pvr
[2012.12.22 20:38:38 | 000,001,268 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\Android z TEL\data\com.gameloft.android.ANMP.GloftPEHM\files\cracker.anim
[2012.12.22 20:38:38 | 000,020,180 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\Android z TEL\data\com.gameloft.android.ANMP.GloftPEHM\files\cracker.rk
[2012.12.22 20:40:24 | 000,002,100 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\Android z TEL\data\com.gameloft.android.ANMP.GloftPEHM\files\hdminus_p_paw_cracker.pvr
[2012.12.22 20:39:38 | 000,008,244 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\Android z TEL\data\com.gameloft.android.ANMP.GloftPEHM\files\p_paw_cracker.pvr
[2006.02.06 21:52:34 | 000,636,563 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\hry\Logické hry\Bejeweled\Crack.rar
[2011.09.18 19:33:18 | 020,742,355 | ---- | M] () -- \Devil_music_databaze\_NEW\Jirka\Mix\Mega Hity 2012 - 1\06 Dj Crack - Follow Me (Progressive Mix).mp3
[2014.06.07 15:28:34 | 003,442,022 | ---- | M] () -- \Devil_music_databaze\01_ADD_MUSIC\Follow Me Uncle Cracker.mp3
[2008.09.10 01:12:34 | 001,728,512 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Premiere Pro CS4\Plug-ins\en_US\VSTPlugins\DeCrackler1.dll
[2008.09.10 01:12:34 | 001,728,512 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Premiere Pro CS4\Plug-ins\en_US\VSTPlugins\DeCrackler2.dll
[2008.09.10 01:12:34 | 001,728,512 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Premiere Pro CS4\Plug-ins\en_US\VSTPlugins\DeCrackler6.dll
[2001.12.07 19:00:00 | 000,000,469 | ---- | M] () -- \Program Files (x86)\Revolution Education\Logicator for PIC micros\RTTTL\nutcrack.txt
[2001.08.14 18:31:08 | 000,030,054 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2014\Inventor Server\Textures\surfaces\Cracks.bmp
[1999.11.02 09:38:24 | 000,087,684 | ---- | M] () -- \Users\Devil\01_Photoshop\Textures\Others\CrackedPlaster.jpg
[2012.04.04 16:15:32 | 014,531,471 | ---- | M] () -- \Users\Devil\80_Install\00_Games\Sandlot-Games---Granny-In-Paradise-+-Crack.rar
[2001.08.14 18:31:08 | 000,030,054 | ---- | M] () -- \Users\Devil\80_Install\AUTODESK.AUTOCAD.V2014.WIN64-ISO\X64\ACAD\PROGRAM FILES\ROOT\INVENTOR SERVER\TEXTURES\SURFACES\CRACKS.BMP

< *keygen* /s >

< *loader* /s >
[2011.09.25 06:51:32 | 000,019,992 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\02_\PCMDataBases\MSSQL10.PCMSERVER\MSSQL\Binn\SqlResourceLoader.dll
[2010.07.13 08:41:12 | 000,000,000 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\000_záloha FLASH DEVIL 4G\wordpress\wp-includes\script-loader.php
[2010.07.13 08:41:14 | 000,001,893 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\000_záloha FLASH DEVIL 4G\wordpress\wp-includes\template-loader.php
[2001.05.27 20:40:58 | 000,002,035 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\100_přesun\apache\php\pear\PEAR\Uploader.php
[2003.10.27 16:07:36 | 000,032,768 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\100_přesun\games\happy\loader.exe
[2003.10.27 15:42:02 | 000,002,988 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\100_přesun\games\happy\loader.txt
[2013.04.11 13:37:38 | 000,244,549 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_new\TitaniumBackup - copy\com.google.android.apps.uploader-08247f1d363b72ac8966db1896f85966.apk.gz
[2013.04.16 21:39:40 | 000,010,617 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_new\TitaniumBackup - copy\com.google.android.apps.uploader-20130416-203940.properties
[2013.04.16 21:39:40 | 000,002,810 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_new\TitaniumBackup - copy\com.google.android.apps.uploader-20130416-203940.tar.gz
[2013.04.11 13:37:38 | 000,244,549 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_new\TitaniumBackup\com.google.android.apps.uploader-08247f1d363b72ac8966db1896f85966.apk.gz
[2013.04.16 21:39:40 | 000,010,617 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_new\TitaniumBackup\com.google.android.apps.uploader-20130416-203940.properties
[2013.04.16 21:39:40 | 000,002,810 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_new\TitaniumBackup\com.google.android.apps.uploader-20130416-203940.tar.gz
[2013.04.05 10:53:46 | 000,416,984 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_new\TitaniumBackupPuvodni\com.google.android.apps.uploader-0926976b806d9da199bfe918adbbfdc2.apk.gz
[2013.04.05 10:53:46 | 000,010,621 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_new\TitaniumBackupPuvodni\com.google.android.apps.uploader-20130405-082349.properties
[2013.04.05 10:53:46 | 000,000,129 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_new\TitaniumBackupPuvodni\com.google.android.apps.uploader-20130405-082349.tar.gz
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\de\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-dark.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\de\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-light.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\de\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-webapp.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\en\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-dark.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\en\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-light.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\en\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-webapp.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\es\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-dark.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\es\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-light.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\es\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-webapp.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\fr\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-dark.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\fr\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-light.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\fr\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-webapp.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\it\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-dark.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\it\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-light.gif
File not found -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\Android\data\com.ea.game.realracing2_na\files\res\help_pages\it\wp-content\wptouch-data\themes\classicfiremint\iphone\images\ajax-loader-webapp.gif
[2013.04.11 13:37:38 | 000,244,549 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\TitaniumBackup\com.google.android.apps.uploader-08247f1d363b72ac8966db1896f85966.apk.gz
[2013.04.16 21:39:40 | 000,010,617 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\TitaniumBackup\com.google.android.apps.uploader-20130416-203940.properties
[2013.04.16 21:39:40 | 000,002,810 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\90_Záloha telefon\00_Poslední SD po Huawei\TitaniumBackup\com.google.android.apps.uploader-20130416-203940.tar.gz
[2000.05.30 13:17:00 | 000,000,818 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\01_OLD notebook Adr sdílení\hry\HugoCZ (D)\Config\LoaderPlugin.cnf
[2013.09.02 10:01:10 | 000,004,302 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\Záloha po Restart Radim\TitaniumBackupX\com.google.android.apps.uploader-20130902-000110.properties
[2013.09.02 02:01:10 | 000,000,129 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\Záloha po Restart Radim\TitaniumBackupX\com.google.android.apps.uploader-20130902-000110.tar.gz
[2013.08.20 10:13:14 | 000,188,428 | ---- | M] () -- \00_Obnova dat Notebook\00_ROZHAZENO ASI AVG\03_\Záloha po Restart Radim\TitaniumBackupX\com.google.android.apps.uploader-edd589df6e0fe087998d6ac5262bdf83.apk.gz
[2011.09.25 06:51:32 | 000,019,992 | ---- | M] () -- \00_Obnova dat Notebook\PCMDataBases\MSSQL10.PCMSERVER\MSSQL\Binn\SqlResourceLoader.dll
[2009.12.31 15:31:00 | 008,435,954 | ---- | M] () -- \Devil_music_databaze\_000_a_ROZTRIDIT\02_MODERN_AND_HAUS\Hudba 2009\Tanecni liga Best Dance Hits 2009\CD2\05._dave_darell_-_freeloader.mp3
[2008.08.28 19:34:20 | 004,965,736 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008.08.28 16:42:12 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008.08.28 16:42:16 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2008.08.26 01:32:24 | 000,217,088 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Media Encoder CS4\MXF_SDK_MetaMetadata_BinaryLoader_r.4.1.1.223.dll
[2008.09.09 17:06:42 | 000,217,088 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Premiere Pro CS4\MXF_SDK_MetaMetadata_BinaryLoader_r.4.1.1.223.dll
[2015.01.22 21:07:09 | 000,004,178 | ---- | M] () -- \Program Files (x86)\AVG Web TuneUp\Chrome\content\icons\loader.gif
[2014.11.24 10:23:24 | 000,045,872 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2014.11.24 10:23:24 | 000,497,400 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2014.11.24 10:23:25 | 000,196,344 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[1 \Program Files (x86)\Avira\AntiVir Desktop\*.tmp files -> \Program Files (x86)\Avira\AntiVir Desktop\*.tmp -> ]
[2014.11.19 16:35:35 | 000,925,584 | ---- | M] () -- \Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpndownloader.exe
[2014.11.19 16:35:35 | 000,925,584 | ---- | M] () -- \Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpndownloader.exe
[2004.02.03 10:27:56 | 000,113,664 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2014.09.03 00:27:24 | 000,268,432 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2014.09.03 00:27:24 | 000,019,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2015.01.13 13:49:52 | 000,845,192 | ---- | M] () -- \Program Files (x86)\MiniTool Partition Wizard Free 9.0\loader.exe
[2013.01.09 11:41:56 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.10.01 12:05:14 | 005,430,784 | ---- | M] () -- \Program Files (x86)\Teco\Mosaic\Utils\TecoUtils\ProjectLoader\ProjectLoader.exe
[2013.02.08 10:11:46 | 000,195,912 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2014\AcAutoLoader.arx
[2013.02.08 10:07:18 | 002,343,240 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2014\AdDownloaderCore.dll
[2013.01.18 15:02:16 | 000,026,440 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2014\AecLoader.arx
[2013.02.08 10:14:20 | 000,011,592 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2014\en-US\AcAutoLoaderRes.dll
[2012.05.25 02:55:50 | 000,003,208 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2014\GeoMapHtml\assets\icon\ajax-loader.gif
[2013.01.25 22:36:46 | 000,064,384 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2014\Inventor Server\Bin\ClrAddinLoader.dll
[2014.09.03 00:27:24 | 000,364,176 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2014.09.03 00:27:24 | 000,019,096 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.12.07 20:47:49 | 000,001,459 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Mosaic\Project Loader.lnk
[2014.12.07 20:47:50 | 000,001,539 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Mosaic\Documentation\Project Loader.lnk
[2014.12.07 20:47:49 | 000,001,459 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Mosaic\Project Loader.lnk
[2014.12.07 20:47:50 | 000,001,539 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Mosaic\Documentation\Project Loader.lnk
[2011.09.17 07:46:20 | 000,002,779 | ---- | M] () -- \Users\Devil\40_Satelit\Záloha SAT_stažené soubory v commanderu\etc\gtk-2.0\gdk-pixbuf.loaders
[2013.02.08 10:11:46 | 000,195,912 | ---- | M] () -- \Users\Devil\80_Install\AUTODESK.AUTOCAD.V2014.WIN64-ISO\X64\ACAD\PROGRAM FILES\ROOT\ACAUTOLOADER.ARX
[2013.02.08 10:07:18 | 002,343,240 | ---- | M] () -- \Users\Devil\80_Install\AUTODESK.AUTOCAD.V2014.WIN64-ISO\X64\ACAD\PROGRAM FILES\ROOT\ADDOWNLOADERCORE.DLL
[2013.01.18 15:02:16 | 000,026,440 | ---- | M] () -- \Users\Devil\80_Install\AUTODESK.AUTOCAD.V2014.WIN64-ISO\X64\ACAD\PROGRAM FILES\ROOT\AECLOADER.ARX
[2012.05.25 02:55:50 | 000,003,208 | ---- | M] () -- \Users\Devil\80_Install\AUTODESK.AUTOCAD.V2014.WIN64-ISO\X64\ACAD\PROGRAM FILES\ROOT\GEOMAPHTML\ASSETS\ICON\AJAX-LOADER.GIF
[2013.01.25 22:36:46 | 000,064,384 | ---- | M] () -- \Users\Devil\80_Install\AUTODESK.AUTOCAD.V2014.WIN64-ISO\X64\ACAD\PROGRAM FILES\ROOT\INVENTOR SERVER\BIN\CLRADDINLOADER.DLL
[2013.02.08 10:14:20 | 000,011,592 | ---- | M] () -- \Users\Devil\80_Install\AUTODESK.AUTOCAD.V2014.WIN64-ISO\X64\EN-US\ACAD\ACAD\PROGRAM FILES\ROOT\ACAUTOLOADERRES.DLL
[2015.02.19 16:12:41 | 000,002,892 | ---- | M] () -- \Users\Devil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DHM8B9K3\loader[1].gif
[2015.02.08 21:10:47 | 000,001,737 | ---- | M] () -- \Users\Devil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F4PX2G14\ajax-loader-small[1].gif
[2015.02.19 16:12:39 | 000,002,892 | ---- | M] () -- \Users\Devil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FT0J3LED\loader[1].gif
[2015.02.10 20:26:20 | 000,055,833 | ---- | M] () -- \Users\Devil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MJFU1RV8\loader[1].swf
[2014.10.24 08:42:10 | 000,072,638 | ---- | M] () -- \Users\Devil\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.10.24 08:42:10 | 000,003,032 | ---- | M] () -- \Users\Devil\AppData\Local\Skype\Apps\login\images\loader.png
[2014.10.24 08:42:10 | 000,006,012 | ---- | M] () -- \Users\Devil\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.10.24 08:42:10 | 000,021,956 | ---- | M] () -- \Users\Devil\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.10.24 08:42:10 | 000,009,772 | ---- | M] () -- \Users\Devil\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2013.04.15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\Devil\AppData\Roaming\Seznam.cz\bin\20680libfoxloader-x64.dll
[2013.03.29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\Devil\AppData\Roaming\Seznam.cz\bin\20680libfoxloader.dll
[2015.01.05 21:41:38 | 000,000,165 | ---- | M] () -- \Users\Devil\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.01.09 11:41:56 | 000,030,608 | ---- | M] () -- \Users\Devil\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.03.25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\Devil\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\Devil\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2013.03.09 08:52:18 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 08:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 08:52:18 | 000,364,168 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 08:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 08:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013.03.09 08:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2015.02.26 21:34:43 | 000,079,402 | ---- | M] () -- \Windows\Prefetch\VPNDOWNLOADER.EXE-CE416BDB.pf
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.11 16:56:55 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.11 16:57:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.11 16:58:04 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.11 16:56:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.11 16:57:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.11 16:58:04 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 09:34:35 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 09:34:35 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 09:34:35 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 09:34:35 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 09:34:35 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2014.11.11 19:17:54 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2014.11.11 19:17:54 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2014.11.11 19:17:54 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2014.11.11 19:17:54 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2014.11.11 19:17:54 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 09:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2014.12.13 02:57:48 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_cs-cz_9200d0e22cbafea1.manifest
[2015.01.12 23:17:25 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_cs-cz_91e42f042cd18522.manifest
[2015.01.16 07:36:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_91e62f982ccfb7d0.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2014.12.12 07:29:00 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_b9e51c6a9c5864d4.manifest
[2015.01.12 04:50:53 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_b9c87a8c9c6eeb55.manifest
[2015.01.16 07:37:02 | 000,005,511 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_b9ca7b209c6d1e03.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.11 16:56:55 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.11 16:57:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.11 16:58:04 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.11 16:56:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.11 16:57:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.11 16:58:04 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 28 úno 2015 11:51
od Rudy
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text:
:OTL
PRC - [2014.11.15 00:08:52 | 000,309,704 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2014.07.14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014.07.14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
SRV - [2014.07.14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014.07.14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.2.0\\npsitesafety.dll File not found
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-1708710939-2559178541-428600725-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)


:files
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Skype\Toolbars
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]


Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 28 úno 2015 16:56
od Devil818
Zasílám požadovaný log. Pokud by to pomohlo nyní jsem koukal do správce úloh a IE je tam stále: http://ib.adsnowusers.com/?s=číslo které se mění

All processes killed
========== OTL ==========
No active process named GoogleToolbarUser_32.exe was found!
Process SkypeC2CAutoUpdateSvc.exe killed successfully!
Process SkypeC2CPNRSvc.exe killed successfully!
Service c2cautoupdatesvc stopped successfully!
Service c2cautoupdatesvc deleted successfully!
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe moved successfully.
Service c2cpnrsvc stopped successfully!
Service c2cpnrsvc deleted successfully!
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1708710939-2559178541-428600725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin\ deleted successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_metadata folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\zh_TW folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\zh_CN folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\vi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\uk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\tr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\th folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ru folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ro folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\pt_PT folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\pt_BR folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\pl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\no folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\nl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ms folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\lv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\lt folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ko folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ja folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\it folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\id folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\hu folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\hi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\he folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\fr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\fil folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\fi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\et folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\es_419 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\es folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\en_US folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\en_GB folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\el folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\de folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\da folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\cs folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ca folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\bg folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ar folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_metadata folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_TW folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_CN folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\vi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\uk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\tr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\th folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ru folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ro folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_PT folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_BR folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\no folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\nl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ms folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lt folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ko folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ja folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\it folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\id folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hu folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\he folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fil folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\et folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es_419 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_US folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_GB folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\el folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\de folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\da folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\cs folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ca folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\bg folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ar folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_metadata folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\zh_TW folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\zh_CN folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\vi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\uk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\tr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\th folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\sv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\sr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\sl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\sk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ru folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ro folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\pt_PT folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\pt_BR folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\pl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\no folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\nl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ms folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\lv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\lt folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ko folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ja folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\it folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\id folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\hu folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\hr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\hi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\he folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\fr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\fil folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\fi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\eu folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\et folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\es_419 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\es folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\en_US folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\en_GB folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\el folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\de folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\da folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\cs folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ca folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\bg folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales\ar folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\_locales folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_metadata folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\zh_TW folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\zh_CN folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\vi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\uk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\tr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\th folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\sv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\sr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\sl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\sk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\ru folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\ro folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\pt_PT folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\pt_BR folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\pl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\no folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\nl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\lv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\lt folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\ko folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\ja folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\it folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\id folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\hu folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\hr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\hi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\he folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\fr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\fil folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\fi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\es folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\en folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\el folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\de folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\da folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\cs folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\ca folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\bg folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales\ar folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\_locales folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_metadata folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_TW folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_CN folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\vi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\uk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\tr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\th folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ru folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ro folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_PT folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_BR folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\no folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\nl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lt folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ko folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ja folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\it folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\id folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hu folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\he folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fil folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\et folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es_419 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_US folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_GB folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\el folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\de folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\da folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\cs folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ca folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\bg folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ar folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_metadata folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\zh_TW folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\zh_CN folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\vi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\uk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\tr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\th folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ru folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ro folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\pt_PT folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\pt_BR folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\pl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\no folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\nl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ms folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\lv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\lt folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ko folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ja folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\it folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\id folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\hu folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\hi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\he folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\fr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\fil folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\fi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\et folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\es_419 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\es folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\en_US folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\en_GB folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\el folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\de folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\da folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\cs folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ca folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\bg folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ar folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_metadata folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_TW folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_CN folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\vi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\uk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\tr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\th folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ru folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ro folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_PT folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_BR folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nb folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lt folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ko folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ja folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\it folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\id folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hu folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fil folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\et folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es_419 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en_GB folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\el folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\de folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\da folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\cs folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ca folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\bg folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\html folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\css folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0 folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\__MACOSX\_locales folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\__MACOSX folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_metadata folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\zh_TW folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\zh_CN folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\vi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\uk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\tr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\th folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sk folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\se folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ru folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ro folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pt_PT folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pt_BR folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\no folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\nl folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\lv folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\lt folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ko folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ja folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\it folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\id folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hu folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fr folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fil folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fi folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\es folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\en folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\el folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\de folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\da folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\cs folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ca folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\bg folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ar folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales folder moved successfully.
C:\Users\Devil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 folder moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
File C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll not found.
64bit-Registry value HKEY_USERS\S-1-5-21-1708710939-2559178541-428600725-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
File C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol\ deleted successfully.
File Protocol\Handler\viprotocol - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skypec2c\ deleted successfully.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll not found.
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Program Files (x86)\Google\Google Toolbar\Component folder moved successfully.
C:\Program Files (x86)\Google\Google Toolbar folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\PNRSvc folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64 folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Devil
->Temp folder emptied: 57992467 bytes
->Temporary Internet Files folder emptied: 182126134 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 243939045 bytes
->Flash cache emptied: 1218 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 390070323 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 56349624 bytes
RecycleBin emptied: 20739150006 bytes

Total Files Cleaned = 20 666,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Devil
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point




OTL by OldTimer - Version 3.2.69.0 log created on 02282015_124717

Files\Folders moved on Reboot...
C:\Users\Devil\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll moved successfully.
C:\Users\Devil\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Devil\AppData\Local\Temp\~DF278E4056693F29D1.TMP moved successfully.
C:\Users\Devil\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\avg_secure_search.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.
File\Folder C:\Windows\temp\ZLT05d26.TMP not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 28 úno 2015 20:00
od Rudy
Smazáno. Nastala nějaká změna?

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 28 úno 2015 21:34
od Devil818
Bohužel žádná změna. Po jakémkoliv startu PC je vše OK, ale jakmile spustím prohlížeč Chrome, zároveň koukám do běžících procesů a spuštěných aplikací, v aplikacích se objeví chvilku pouze Chrome, ale po nějaké době v procesech naběhne 2x řádek iexplore.exe *32 a 1x iexplore.exe, v tuto chvíli se objeví v přehledu běžících aplikací IE v tomto znění: http://ib.adsnowusers.com/?s=číslo které se mění - Internet Explorer

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 28 úno 2015 22:27
od Rudy
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 28 úno 2015 23:20
od Devil818
Nainstaloval jsem mbam-setup-2.0.4.1028.exe, provedl aktualizace databází, a zde je log ze scanu:



Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 28.2.2015
Scan Time: 22:51:33
Logfile: scan Malware.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.28.06
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Devil

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 352146
Time Elapsed: 9 min, 29 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.OpenCandy, C:\Users\Devil\80_Install\MediaInfo_GUI_0.7.72_Windows.exe, No Action By User, [8524ca58ed9d3cfa02aa7f7bd1347888],

Physical Sectors: 0
(No malicious items detected)


(end)

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 01 bře 2015 11:15
od Rudy
Nalezenou položku smažte.

Re: samovolné spouštění IE - vyvolání nechtěných reklam

Napsal: 01 bře 2015 15:23
od Devil818
Nalezená položka je instalačka programu pro detekce informací o AVI souborech, mám ji také nainstalovanou. Předpokládám, že asi bych měl i daný program odinstalovat? Install tedy smažu?
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz