prosím o kontrolu - otevírá záhadná okna

[Márty84]

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

DDS::
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[MedaBeda]

ComboFix 16-03-19.01 - Beda 25.03.2016 9:53.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8140.5069 [GMT 1:00]
Spuštěný z: c:\users\Beda\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Beda\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Beda\AppData\Roaming\ACD Systems\ACDSee\ImageDB.ddf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-25 do 2016-03-25 )))))))))))))))))))))))))))))))
.
.
2016-03-25 08:56 . 2016-03-25 08:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2016-03-25 08:56 . 2016-03-25 08:56 -------- d-----w- c:\users\oem\AppData\Local\temp
2016-03-25 08:56 . 2016-03-25 08:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-03-22 12:03 . 2016-03-22 12:03 -------- d-----w- c:\programdata\Malwarebytes
2016-03-22 11:56 . 2016-03-22 15:06 -------- d-----w- C:\AdwCleaner
2016-03-22 09:06 . 2016-03-22 09:10 -------- d-----w- c:\program files\trend micro
2016-03-22 09:06 . 2016-03-22 09:07 -------- d-----w- C:\rsit
2016-03-21 17:29 . 2016-03-21 18:22 -------- d-----w- c:\programdata\Bluetooth
2016-03-19 12:09 . 2016-03-19 12:09 -------- d-----w- c:\program files (x86)\Common Files\Atheros
2016-03-19 10:47 . 2016-03-19 10:47 -------- d-----w- c:\program files\AirLive
2016-03-18 16:00 . 2016-03-18 16:00 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2016-03-18 09:39 . 2016-03-18 09:39 -------- d-----w- c:\program files (x86)\SSD Fresh
2016-03-18 08:54 . 2016-03-02 15:59 11249080 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CE83C7DD-93E5-450F-81EC-F62DFFB5B4AD}\mpengine.dll
2016-03-18 08:53 . 2016-03-18 08:53 -------- d-----w- c:\program files\CCleaner
2016-03-13 15:08 . 2016-03-19 11:35 -------- d-----w- c:\program files\totalcmd
2016-03-13 11:48 . 2016-03-13 11:48 212184 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2016-03-13 11:47 . 2016-03-13 11:47 368928 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2016-03-13 11:47 . 2016-03-13 11:47 25336 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2016-03-09 08:40 . 2016-02-19 19:02 38336 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-03-09 08:40 . 2016-02-19 18:54 1168896 ----a-w- c:\windows\system32\aeinv.dll
2016-03-09 08:40 . 2016-02-19 14:07 1373184 ----a-w- c:\windows\system32\appraiser.dll
2016-03-09 08:40 . 2016-02-11 14:07 689152 ----a-w- c:\windows\system32\generaltel.dll
2016-03-09 08:40 . 2016-02-05 14:07 696832 ----a-w- c:\windows\system32\invagent.dll
2016-03-09 08:40 . 2016-02-05 14:07 499200 ----a-w- c:\windows\system32\devinv.dll
2016-03-09 08:40 . 2016-02-05 14:07 76800 ----a-w- c:\windows\system32\acmigration.dll
2016-03-04 12:04 . 2016-03-19 11:07 -------- d-----w- c:\users\Beda
2016-03-04 10:33 . 2016-03-13 07:51 84728 ----a-w- c:\program files\Common Files\Microsoft Shared\ClickToRun\msointl30.cs-cz.dll
2016-03-04 10:33 . 2016-03-13 07:45 946944 ----a-w- c:\program files\Common Files\Microsoft Shared\ClickToRun\C2RUI.cs-cz.dll
2016-03-03 00:03 . 2016-03-03 00:03 -------- d-----w- c:\program files (x86)\Microsoft OneDrive
2016-03-03 00:03 . 2016-03-03 00:03 -------- d-----w- c:\programdata\Microsoft OneDrive
2016-03-02 23:59 . 2016-03-13 14:55 2520864 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2016-03-02 09:21 . 2016-03-02 09:21 269232 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2016-02-28 05:22 . 2016-02-28 05:22 20680 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\extensibility.dll
2016-02-27 22:28 . 2016-02-27 22:28 1274456 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pidgenx.dll
2016-02-27 00:18 . 2016-02-27 00:18 5132888 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2016-02-27 00:18 . 2016-02-27 00:18 2230360 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL
2016-02-27 00:18 . 2016-02-27 00:18 204376 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL
2016-02-27 00:18 . 2016-02-27 00:18 1833560 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL
2016-02-27 00:18 . 2016-02-27 00:18 179800 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL
2016-02-27 00:18 . 2016-02-27 00:18 1653336 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL
2016-02-27 00:18 . 2016-02-27 00:18 147032 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-12 00:00 . 2012-09-15 10:06 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-12 00:00 . 2012-09-15 10:06 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-09 22:49 . 2012-09-01 11:51 143659408 ----a-w- c:\windows\system32\MRT.exe
2016-02-11 18:48 . 2016-03-09 08:41 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-11 18:37 . 2016-03-09 08:41 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-11 18:30 . 2016-03-09 08:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-02-04 22:13 . 2016-02-04 22:13 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2016-02-04 22:13 . 2016-02-04 22:13 536776 ----a-w- c:\windows\SysWow64\msvcp120_clr0400.dll
2016-02-04 22:03 . 2016-02-04 22:03 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2016-02-04 22:03 . 2016-02-04 22:03 678600 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2016-02-04 08:12 . 2016-02-04 08:12 88816 ----a-w- c:\windows\system32\vcruntime140.dll
2016-02-04 08:12 . 2016-02-04 08:12 635120 ----a-w- c:\windows\system32\msvcp140.dll
2016-02-04 08:12 . 2016-02-04 08:12 390400 ----a-w- c:\windows\system32\vccorlib140.dll
2016-02-04 08:12 . 2016-02-04 08:12 333080 ----a-w- c:\windows\system32\concrt140.dll
2016-02-04 06:21 . 2016-02-04 06:21 85232 ----a-w- c:\windows\SysWow64\vcruntime140.dll
2016-02-04 06:21 . 2016-02-04 06:21 439536 ----a-w- c:\windows\SysWow64\msvcp140.dll
2016-02-04 06:21 . 2016-02-04 06:21 267016 ----a-w- c:\windows\SysWow64\vccorlib140.dll
2016-02-04 06:21 . 2016-02-04 06:21 243480 ----a-w- c:\windows\SysWow64\concrt140.dll
2016-02-03 10:53 . 2016-02-03 10:53 378288 ----a-w- c:\windows\system32\drivers\avgloga.sys
2016-01-26 10:04 . 2016-01-26 10:04 315312 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2016-01-26 10:04 . 2016-01-26 10:04 272304 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2016-01-22 06:19 . 2016-02-10 12:53 14179840 ----a-w- c:\windows\system32\shell32.dll
2016-01-22 06:18 . 2016-02-10 12:53 961024 ----a-w- c:\windows\system32\CPFilters.dll
2016-01-22 06:18 . 2016-02-10 12:53 723968 ----a-w- c:\windows\system32\EncDec.dll
2016-01-22 06:17 . 2016-02-10 12:53 159744 ----a-w- c:\windows\system32\mtxoci.dll
2016-01-22 06:15 . 2016-02-10 12:53 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-01-22 06:12 . 2016-02-10 12:53 1940992 ----a-w- c:\windows\system32\authui.dll
2016-01-22 06:04 . 2016-02-10 12:53 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2016-01-22 06:04 . 2016-02-10 12:53 535040 ----a-w- c:\windows\SysWow64\EncDec.dll
2016-01-22 06:02 . 2016-02-10 12:53 114176 ----a-w- c:\windows\SysWow64\mtxoci.dll
2016-01-22 06:02 . 2016-02-10 12:53 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
2016-01-22 06:00 . 2016-02-10 12:53 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-01-22 05:59 . 2016-02-10 12:53 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-01-22 05:19 . 2016-02-10 12:53 3231232 ----a-w- c:\windows\explorer.exe
2016-01-22 05:12 . 2016-02-10 12:53 2973184 ----a-w- c:\windows\SysWow64\explorer.exe
2016-01-16 19:01 . 2016-02-10 12:53 2085888 ----a-w- c:\windows\system32\ole32.dll
2016-01-16 18:36 . 2016-02-10 12:53 1413632 ----a-w- c:\windows\SysWow64\ole32.dll
2016-01-08 09:46 . 2016-01-08 09:46 23472 ----a-w- c:\windows\system32\drivers\avguniva.sys
2016-01-07 17:42 . 2016-02-10 12:53 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-01-06 19:02 . 2016-02-10 12:54 24576 ----a-w- c:\windows\system32\jnwmon.dll
2016-01-06 19:02 . 2016-02-10 12:54 275456 ----a-w- c:\windows\system32\InkEd.dll
2016-01-06 18:41 . 2016-02-10 12:54 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2002-12-16 09:45 . 2010-01-10 21:51 208384 ----a-r- c:\program files (x86)\spec14.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-12-16 133400]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
"AVG_UI"="c:\program files (x86)\AVG\Av\avuirunnerx.exe" [2016-03-02 25512]
"AvgUi"="c:\program files (x86)\AVG\Framework\Common\avguirnx.exe" [2016-02-18 179624]
"StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2013-04-18 313656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2015-9-9 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys;c:\windows\SYSNATIVE\drivers\anvsnddrv.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 AvgAMPS;AvgAMPS;c:\program files (x86)\AVG\Av\avgamps.exe;c:\program files (x86)\AVG\Av\avgamps.exe [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 Avguniva;AVG Universal Driver;c:\windows\system32\DRIVERS\avguniva.sys;c:\windows\SYSNATIVE\DRIVERS\avguniva.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\Av\avgidsagent.exe;c:\program files (x86)\AVG\Av\avgidsagent.exe [x]
S2 avgsvc;AVG Service;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\Av\avgwdsvcx.exe;c:\program files (x86)\AVG\Av\avgwdsvcx.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-15 18:00 1106072 ----a-w- c:\program files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-03-13 15:45 2095920 ----a-w- c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-03-13 15:45 2095920 ----a-w- c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-03-13 15:45 2095920 ----a-w- c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-16 12445288]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2013-10-18 184632]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-10-09 7818040]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
uStart Page = https://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
FF - ProfilePath - c:\users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.vave.biz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ExpressBurn - c:\program files (x86)\NCH Software\ExpressBurn\expressburn.exe
AddRemove-WavePad - c:\program files (x86)\NCH Software\WavePad\wavepad.exe
AddRemove-xampp - c:\xampp\uninstall.exe
AddRemove-{1B9604EE-B104-45C8-8551-5F63BA631E23} - c:\programdata\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
.
**************************************************************************
.
Celkový čas: 2016-03-25 09:59:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-03-25 08:59
ComboFix2.txt 2016-03-24 09:57
.
Před spuštěním: Volných bajtů: 40 029 286 400
Po spuštění: Volných bajtů: 39 528 980 480
.
- - End Of File - - 14B5A4322F78A4965D534FFF21E52902
A36C5E4F47E84449FF07ED3517B43A31




P.S.
ráno otevřel něco s alibaba.com a teď po restartu "hurá" aspoň českou stránku cz.unibet.com

a pořád mě skoro při každé otevírané stránce upozorňuje že otevírám stránky se zabezpečením nebo naopak hodlám opustit zónu se zabezpečení

[Márty84]

Porad jen Explorer?

Postupujte podle navodu kolegy

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Postupujte podle navodu kolegy

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[MedaBeda]

ano, pořád jen Explorer - ale teď už otevřel Seznam - hurááááááááááááááá

pokud o ty výzvy furt se zabezpečením stránek, tak jsem ztratila nervy a odklikla "příště nezobrazovat"

tady jsou ty logy:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Home Premium x64
Ran by Beda (Administrator) on p  25.03.2016 at 10:41:21,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 28

Successfully deleted: C:\users\Public\Documents\downloaded installers (Folder)
Successfully deleted: C:\Windows\system32\Tasks\0316avUpdateInfo (Task)
Successfully deleted: C:\Windows\system32\Tasks\1215avUpdateInfo (Task)
Successfully deleted: C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E95E06I (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31Q96HPB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5BVAM1G5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7HYP25E7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABE70GC1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E6WNDXM7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FJ83YUMW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QFEGXUZS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SZQLZ0PU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UUDTI51M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XBIH6G2L (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\prefetch\GOOGLETOOLBARMANAGER_A6282D74-E499780F.pf (File)
Successfully deleted: C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pf (File)
Successfully deleted: C:\Windows\prefetch\GOOGLETOOLBARUSER_32.EXE-34B1B1C5.pf (File)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E95E06I (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31Q96HPB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5BVAM1G5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7HYP25E7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABE70GC1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E6WNDXM7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FJ83YUMW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QFEGXUZS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SZQLZ0PU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UUDTI51M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XBIH6G2L (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  25.03.2016 at 10:42:50,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Beda on p  25.03.2016 at 10:44:39,61.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Beda\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

25.3.2016 10:45:01 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\Bluetooth deleted successfully
C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 deleted successfully
C:\Users\Beda\AppData\Roaming\AdobeUM deleted successfully
C:\Users\Beda\AppData\Roaming\Ahead deleted successfully
C:\Users\Beda\AppData\Roaming\Apple Computer deleted successfully
C:\Users\Beda\AppData\Roaming\Opera Software deleted successfully
C:\Users\Beda\AppData\Roaming\TeamViewer deleted successfully
C:\Users\Beda\AppData\Roaming\WinRAR deleted successfully
C:\Users\Beda\AppData\Local\GHISLER deleted successfully
C:\Users\Beda\AppData\Local\Opera Software deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.vave.biz/");

Added to C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Beda\AppData\Roaming\Thunderbird\Profiles\ows9zad8.default\prefs.js:

Added to C:\Users\Beda\AppData\Roaming\Thunderbird\Profiles\ows9zad8.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 not found
C:\windows\SysNative\Tasks\0316avUpdateInfo deleted
C:\PROGRA~3\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Beda\Desktop\RajcePhotoDownloader.lnk deleted

==== Orphaned Tasks deleted from Registry ======================

0316avUpdateInfo deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Beda\AppData\Roaming\Thunderbird\Profiles\ows9zad8.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default
F627791AB91E01A9829A8D9B6E024D52 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll - Shockwave Flash


==== Chromium Look ======================


soulshine - Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\enbjgfinbinhckicnbfbmgjhloecioof

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{D3EAAE97-A8DA-4061-A0BD-3415687857F2}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{D3EAAE97-A8DA-4061-A0BD-3415687857F2} - https://www.google.com/search?q={search ... utEncoding?}

==== Reset Google Chrome ======================

C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Beda\Desktop\Acrobat.lnk - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Acrobat\Acrobat.exe
C:\Users\Beda\Desktop\Any Video Converter.lnk - C:\Program Files (x86)\Any Video Converter\VideoConverter.exe
C:\Users\Beda\Desktop\AviToDvdFree.lnk - C:\Program Files (x86)\AviToDvdFree\avitodvd.exe
C:\Users\Beda\Desktop\AVSVideoEditor.lnk - C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe
C:\Users\Beda\Desktop\EzThumbs.lnk - C:\Program Files (x86)\Easy Thumbnails\EzThumbs.exe
C:\Users\Beda\Desktop\FormatFactory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\Beda\Desktop\iexplorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe "http://trustedsurf.com/?ssid=1458582297 ... b8686d4637"
C:\Users\Beda\Desktop\MOVIEMK.lnk - C:\Program Files (x86)\Movie Maker\MOVIEMK.exe
C:\Users\Beda\Desktop\mp3 DirectCut.lnk - C:\Program Files (x86)\mp3DC\mp3DirectCut.exe
C:\Users\Beda\Desktop\Mp3 Knife.lnk - C:\Program Files (x86)\Mp3 Knife\Mp3 Knife.exe
C:\Users\Beda\Desktop\Nokia Software Updater.lnk - C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui.exe
C:\Users\Beda\Desktop\PaintNet.lnk - C:\Program Files (x86)\Paint.NET\PaintDotNet.exe
C:\Users\Beda\Desktop\PSPad.lnk - C:\Program Files (x86)\PSPad editor\PSPad.exe
C:\Users\Beda\Desktop\RegCleanr.lnk - C:\Program Files (x86)\RegCleaner\RegCleanr.exe
C:\Users\Beda\Desktop\Sweet Home 3D.lnk - C:\Program Files (x86)\Sweet Home 3D\SweetHome3D.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Acrobat 6.0 CE Professional.lnk - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Acrobat\Acrobat.exe
C:\Users\Public\Desktop\Ashampoo GetBack Photo.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo GetBack Photo\apr.exe
C:\Users\Public\Desktop\Audio Record Wizard.lnk - C:\Program Files (x86)\Audio Record Wizard\arw.exe
C:\Users\Public\Desktop\AVG Driver Updater.lnk - C:\Windows\Installer\{BB3024E3-E647-45BD-9A6D-8E39818F9F81}\Icon.exe /byUser
C:\Users\Public\Desktop\AVG Protection.lnk - C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\ET6.lnk - C:\Program Files (x86)\GIGABYTE\ET6\ET6SC.exe
C:\Users\Public\Desktop\Free Video Flip and Rotate.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Video Flip and Rotate\FreeVideoFlipAndRotate.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\HP LaserJet Pro MFP M125-M126 - Centrum nápovědy a vzdělávání.lnk -
C:\Users\Public\Desktop\HP LJ M125126 Scan.lnk - C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\HPScan.exe
C:\Users\Public\Desktop\ICQ7M.lnk - C:\Program Files (x86)\ICQ7M\ICQ.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Users\Public\Desktop\NCH Software.lnk - C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe -suite
C:\Users\Public\Desktop\Nero Home.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Public\Desktop\Nokia PC Suite.lnk - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Users\Public\Desktop\Ontrack EasyRecovery Professional.lnk - C:\Program Files (x86)\Kroll Ontrack\Ontrack EasyRecovery11 Professional\ERPro64.exe
C:\Users\Public\Desktop\Photo to Sketch.lnk - C:\Program Files (x86)\Photo to Sketch\photo2sketch.exe
C:\Users\Public\Desktop\PrimoPDF - Drop Files Here to Convert.lnk -
C:\Users\Public\Desktop\rajče průvodce.lnk -
C:\Users\Public\Desktop\RecordPad Sound Recorder.lnk - C:\Program Files (x86)\NCH Software\Recordpad\recordpad.exe
C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\Recuva64.exe
C:\Users\Public\Desktop\Samsung Master.lnk - C:\Program Files (x86)\Samsung\Samsung Master\SamsungMaster.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe
C:\Users\Public\Desktop\SSD Fresh.lnk - C:\Program Files (x86)\SSD Fresh\SSDFresh.exe
C:\Users\Public\Desktop\TeamViewer 5.lnk - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
C:\Users\Public\Desktop\Total Commander 64 bit.lnk - C:\Program Files\totalcmd\TOTALCMD64.EXE
C:\Users\Public\Desktop\Total Commander.lnk - C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Users\Public\Desktop\Ulead GIF Animator 5.lnk - C:\Program Files (x86)\Ulead Systems\Ulead GIF Animator 5\ga_main.exe
C:\Users\Public\Desktop\VideoPad Video Editor.lnk - C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe
C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP32.EXE

==== shortcuts in Users Start Menu ======================

C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe "http://trustedsurf.com/?ssid=1458582297 ... b8686d4637"
C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe "http://trustedsurf.com/?ssid=1458582297 ... b8686d4637"
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk - C:\Windows\System32\fsquirt.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo GetBack Photo\Ashampoo GetBack Photo .lnk - C:\Program Files (x86)\Ashampoo\Ashampoo GetBack Photo\apr.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo GetBack Photo\Help.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo GetBack Photo\Help\APC-en-us.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo GetBack Photo\Readme.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo GetBack Photo\readme_en.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo GetBack Photo\Uninstall Ashampoo GetBack Photo.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo GetBack Photo\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG Protection.lnk - C:\Program Files (x86)\AVG\Av\avgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D\Odinstalovat aplikaci Sweet Home 3D.lnk - C:\Program Files (x86)\Sweet Home 3D\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D\Sweet Home 3D.lnk - C:\Program Files (x86)\Sweet Home 3D\SweetHome3D.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Aktualizace HP.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP LaserJet Pro MFP M125-M126\HP centrum nápovědy a vzdělávání.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP LaserJet Pro MFP M125-M126\HP Scan.lnk - C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\HPScan.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP LaserJet Pro MFP M125-M126\Sada nástrojů pro zařízení HP.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP LaserJet Pro MFP M125-M126\Stav tiskárny HP a upozornění.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP LaserJet Pro MFP M125-M126\Studie vylepšení produktů HP.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016\Jazykové předvolby Office 2016.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016\Office 2016 Upload Center.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ontrack EasyRecovery Professional\Change Ontrack EasyRecovery Professional Language.lnk - C:\Program Files (x86)\Kroll Ontrack\Ontrack EasyRecovery11 Professional\ERPro64.exe -chooselang
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ontrack EasyRecovery Professional\Ontrack EasyRecovery Professional.lnk - C:\Program Files (x86)\Kroll Ontrack\Ontrack EasyRecovery11 Professional\ERPro64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ontrack EasyRecovery Professional\Uninstall Ontrack EasyRecovery Professional.lnk - C:\Program Files (x86)\Kroll Ontrack\Ontrack EasyRecovery11 Professional\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Recuva.lnk - C:\Program Files\Recuva\Recuva64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Uninstall Recuva.lnk - C:\Program Files\Recuva\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSD Fresh\SSD Fresh.lnk - C:\Program Files (x86)\SSD Fresh\SSDFresh.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit.lnk - C:\Program Files\totalcmd\TOTALCMD64.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander Help.lnk - C:\Program Files\totalcmd\TOTALCMD.CHM
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander.lnk - C:\Program Files\totalcmd\TOTALCMD.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Uninstall or Repair Total Commander.lnk - C:\Program Files\totalcmd\TCUNIN64.EXE

==== shortcuts in Quick Launch ======================

C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe "http://trustedsurf.com/?ssid=1458582297 ... b8686d4637"
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Any Video Converter.lnk - C:\Program Files (x86)\Any Video Converter\VideoConverter.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ACDSee.lnk - C:\Program Files (x86)\ACD Systems\ACDSee\ACDSee.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop CS.lnk - C:\Program Files (x86)\Adobe\Photoshop CS\Photoshop.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe "http://trustedsurf.com/?ssid=1458582297 ... b8686d4637"
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\Windows\system32\notepad.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Total Commander 64 bit.lnk - C:\Program Files\totalcmd\TOTALCMD64.EXE
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PSPad.lnk - C:\Program Files (x86)\PSPad editor\PSPad.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Beda\Desktop\iexplorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5A11EF83-9E0A-4B5C-8D2F-1FF9551A5E8C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7130468A-F53F-4698-8C09-A339EA3B05E6} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Beda\AppData\Local\Mozilla\Firefox\Profiles\k24jwh2r.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=57 folders=73 4867060 bytes)

==== Empty Temp Folders ======================

C:\Users\Beda\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Meda Beda\AppData\Local\temp emptied successfully
C:\Users\oem\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Beda\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on p  25.03.2016 at 11:02:26,81 ======================

[Márty84]

Dame si jeste jeden sken.



Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[MedaBeda]

OTL.txt - první část

OTL logfile created on: 25.3.2016 12:29:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Beda\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18230)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,95 Gb Total Physical Memory | 5,35 Gb Available Physical Memory | 67,28% Memory free
15,90 Gb Paging File | 12,81 Gb Available in Paging File | 80,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,59 Gb Total Space | 37,92 Gb Free Space | 33,98% Space Free | Partition Type: NTFS
Drive E: | 698,63 Gb Total Space | 158,73 Gb Free Space | 22,72% Space Free | Partition Type: NTFS

Computer Name: BEDA | User Name: Beda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2016.03.25 12:01:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Beda\Desktop\OTL.exe
PRC - [2016.03.08 03:48:49 | 000,874,136 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016.03.02 10:35:58 | 003,934,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Av\avgidsagent.exe
PRC - [2016.03.02 10:31:46 | 000,561,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
PRC - [2016.03.02 10:31:42 | 003,862,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Av\avgui.exe
PRC - [2016.02.18 12:10:36 | 001,140,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
PRC - [2015.07.07 19:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.03.27 19:26:49 | 000,309,704 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013.10.09 16:12:20 | 001,689,976 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2013.10.03 03:17:04 | 001,157,496 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2013.10.03 03:16:36 | 001,137,016 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2013.10.03 03:16:28 | 000,891,256 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2013.04.18 06:57:32 | 000,313,656 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
PRC - [2013.01.18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.12.04 10:52:22 | 000,174,592 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2012.01.27 10:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011.12.16 13:08:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.12.16 13:08:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.12.16 10:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011.10.17 15:51:54 | 000,013,824 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
PRC - [2000.09.21 14:11:42 | 001,400,832 | ---- | M] (ACD Systems, Ltd.) -- C:\Program Files (x86)\ACD Systems\ACDSee\ACDSee.exe


========== Modules (No Company Name) ==========

MOD - [2016.03.09 23:55:12 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8a5ccf679e51f3a863c9951807a69f93\System.Windows.Forms.ni.dll
MOD - [2016.03.09 23:55:08 | 001,812,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3fe2703b4dd3e9d9cb75dd8d260c6a7f\System.Deployment.ni.dll
MOD - [2016.03.09 23:55:07 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\55927dc9349959f3bb4a5002ab4a2715\System.Configuration.ni.dll
MOD - [2016.03.08 03:48:25 | 001,676,440 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
MOD - [2016.03.08 03:48:13 | 000,086,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll
MOD - [2016.02.12 08:08:02 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\311f6574141b35a4f4206f1f6da25a4b\System.ServiceProcess.ni.dll
MOD - [2016.02.12 08:07:56 | 011,923,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\25433ee5d09d563da10280c1343511f9\System.Web.ni.dll
MOD - [2016.02.12 08:07:52 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\48b76dbabfdec8c358f55380db91414c\System.Runtime.Remoting.ni.dll
MOD - [2016.02.12 08:07:36 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\7f8e76c5817e18659ff1c6e6a0b27ff1\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2016.02.12 08:07:31 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ca97db61d7b1564dd115248a1439194e\System.Drawing.ni.dll
MOD - [2016.02.12 08:07:28 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d6204638b750d650b7cbb3278a5954eb\System.Xml.ni.dll
MOD - [2016.02.12 08:07:17 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ef80bf7db724bb3ab5fea4c0e2117cae\System.ni.dll
MOD - [2015.10.22 08:24:09 | 040,500,224 | ---- | M] () -- C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
MOD - [2014.09.11 07:34:59 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2013.07.08 13:43:52 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Deployment.resources.dll
MOD - [2010.11.13 03:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2000.09.06 16:54:52 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\ACD Systems\ACDSee\InTouchClient.dll


========== Services (SafeList) ==========

SRV:64bit: - [2016.02.08 19:14:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.07.23 01:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.12.08 15:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010.04.06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2016.03.25 12:00:04 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016.03.19 16:30:32 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016.03.02 10:35:58 | 003,934,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Av\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2016.03.02 10:31:46 | 000,561,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe -- (avgwd)
SRV - [2016.03.02 10:26:14 | 000,604,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\Av\avgamps.exe -- (AvgAMPS)
SRV - [2016.02.18 12:11:34 | 001,045,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe -- (avgsvc)
SRV - [2015.07.07 19:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.04.11 22:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.10.09 16:12:20 | 001,689,976 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2013.10.03 03:17:04 | 001,157,496 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2013.10.03 03:16:36 | 001,137,016 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2013.02.25 23:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.01.18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.12.04 10:52:22 | 000,174,592 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2012.07.16 18:28:37 | 002,025,368 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2012.06.11 10:33:26 | 000,724,376 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.12.16 13:08:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.12.16 13:08:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.12.16 10:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011.10.17 15:51:54 | 000,013,824 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe -- (HP DS Service)
SRV - [2011.08.30 14:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2016.03.02 10:21:12 | 000,269,232 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2016.02.03 11:53:04 | 000,378,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2016.01.26 11:04:26 | 000,315,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2016.01.26 11:04:26 | 000,272,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2016.01.08 10:46:34 | 000,023,472 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avguniva.sys -- (Avguniva)
DRV:64bit: - [2015.12.04 14:27:46 | 000,042,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2015.11.06 15:50:34 | 000,184,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2015.10.21 16:16:48 | 000,284,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2015.10.08 07:46:44 | 000,302,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013.07.22 18:56:48 | 000,140,600 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2013.02.22 06:32:08 | 000,160,256 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.11 10:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.27 10:39:33 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.01.27 10:39:33 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.01.27 10:39:33 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011.11.28 14:51:44 | 000,033,872 | ---- | M] (AnvSoft Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV:64bit: - [2011.11.02 09:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011.08.11 23:54:16 | 000,104,560 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.05.10 10:41:27 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.20 14:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 14:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 12:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 12:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.07.14 01:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009.07.14 01:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009.04.28 09:07:52 | 000,532,480 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PAC7302.SYS -- (PAC7302)
DRV:64bit: - [2005.12.02 13:04:32 | 001,110,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btkrnl.sys -- (BTKRNL)
DRV:64bit: - [2005.12.02 13:02:18 | 000,062,336 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwusb.sys -- (BTWUSB)
DRV - [2012.09.15 07:20:17 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012.09.15 07:20:06 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
IE - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\..\SearchScopes,DefaultScope = {D3EAAE97-A8DA-4061-A0BD-3415687857F2}
IE - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\..\SearchScopes\{D3EAAE97-A8DA-4061-A0BD-3415687857F2}: "URL" = https://www.google.com/search?q={search ... utEncoding?}
IE - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2016.03.04 13:41:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Beda\AppData\Roaming\Mozilla\Extensions
[2016.03.22 16:06:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\extensions
[2016.03.19 16:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[MedaBeda]

OTL.txt - druhá část




========== Chrome ==========

CHR - Extension: No name found = C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\enbjgfinbinhckicnbfbmgjhloecioof\1.0_0\
CHR - Extension: No name found = C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2016.03.25 10:45:17 | 000,000,841 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\Av\avuirunnerx.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AvgUi] C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [StatusAlerts] C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/Cl ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10AF1D91-17B6-4B1D-A43A-43AA2E5F15E8}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2016.03.25 12:01:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Beda\Desktop\OTL.exe
[2016.03.25 11:02:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2016.03.25 10:59:45 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2016.03.25 10:59:45 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Temp
[2016.03.25 10:44:37 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2016.03.25 10:31:40 | 001,610,352 | ---- | C] (Malwarebytes) -- C:\Users\Beda\Desktop\JRT.exe
[2016.03.24 10:50:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2016.03.24 10:50:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2016.03.24 10:50:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2016.03.24 10:50:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2016.03.24 10:50:02 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2016.03.24 09:23:34 | 005,658,151 | R--- | C] (Swearware) -- C:\Users\Beda\Desktop\ComboFix.exe
[2016.03.23 21:32:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2016.03.23 09:55:27 | 002,374,144 | ---- | C] (Farbar) -- C:\Users\Beda\Desktop\FRST64.exe
[2016.03.22 13:03:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016.03.22 12:56:26 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016.03.22 10:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2016.03.22 10:06:42 | 000,000,000 | ---D | C] -- C:\rsit
[2016.03.21 18:29:34 | 000,000,000 | ---D | C] -- C:\Users\Beda\Documents\Bluetooth
[2016.03.21 14:33:02 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\ElevatedDiagnostics
[2016.03.19 16:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016.03.19 13:16:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Atheros
[2016.03.19 13:15:05 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\BMExplorer
[2016.03.19 13:09:43 | 000,000,000 | ---D | C] -- C:\Users\Beda\Documents\Bluetooth Folder
[2016.03.19 13:09:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros
[2016.03.19 12:44:34 | 000,000,000 | ---D | C] -- C:\Users\Beda\Documents\Moje přijaté soubory
[2016.03.19 11:47:49 | 000,000,000 | ---D | C] -- C:\Program Files\AirLive
[2016.03.19 11:15:50 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Diagnostics
[2016.03.18 17:00:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2016.03.18 10:39:15 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Abelssoft
[2016.03.18 10:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSD Fresh
[2016.03.18 10:39:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SSD Fresh
[2016.03.18 10:38:54 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Programs
[2016.03.18 09:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2016.03.18 09:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2016.03.18 09:47:19 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\HpUpdate
[2016.03.18 09:43:41 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Ahead
[2016.03.16 13:28:55 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\Thunderbird
[2016.03.16 13:28:55 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Thunderbird
[2016.03.13 21:41:07 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\CrashDumps
[2016.03.13 16:08:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
[2016.03.13 16:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\totalcmd
[2016.03.10 19:25:06 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\POP Peeper
[2016.03.10 12:34:32 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\AVS4YOU
[2016.03.10 12:33:46 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\NVIDIA
[2016.03.10 12:33:46 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\NCH Software
[2016.03.10 12:33:27 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\AvitoDvd
[2016.03.10 12:33:27 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\AviDvdBurner
[2016.03.10 12:28:59 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\HP
[2016.03.10 12:28:10 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\PSpad
[2016.03.10 12:27:44 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\Easy Thumbnails
[2016.03.10 12:27:38 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\mp3DirectCut
[2016.03.10 12:27:23 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Paint.NET
[2016.03.10 12:06:17 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\Nokia
[2016.03.09 09:41:28 | 000,994,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll
[2016.03.09 09:41:28 | 000,922,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll
[2016.03.09 09:41:28 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2016.03.09 09:41:28 | 000,063,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2016.03.09 09:41:28 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2016.03.09 09:41:28 | 000,020,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2016.03.09 09:41:28 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2016.03.09 09:41:28 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2016.03.09 09:41:28 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2016.03.09 09:41:28 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2016.03.09 09:41:28 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2016.03.09 09:41:28 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2016.03.09 09:41:28 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2016.03.09 09:41:28 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2016.03.09 09:41:28 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2016.03.09 09:41:28 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2016.03.09 09:41:28 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2016.03.09 09:41:28 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2016.03.09 09:41:28 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-2-0.dll
[2016.03.09 09:41:28 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-2-0.dll
[2016.03.09 09:41:28 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2016.03.09 09:41:28 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2016.03.09 09:41:28 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-2-0.dll
[2016.03.09 09:41:28 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-2-0.dll
[2016.03.09 09:41:28 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-1.dll
[2016.03.09 09:41:28 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-1.dll
[2016.03.09 09:41:28 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l2-1-0.dll
[2016.03.09 09:41:28 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l2-1-0.dll
[2016.03.09 09:41:28 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-timezone-l1-1-0.dll
[2016.03.09 09:41:28 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-timezone-l1-1-0.dll
[2016.03.09 09:41:28 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l2-1-0.dll
[2016.03.09 09:41:28 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l2-1-0.dll
[2016.03.09 09:41:28 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-2-0.dll
[2016.03.09 09:41:28 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-2-0.dll
[2016.03.09 09:41:27 | 003,169,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2016.03.09 09:41:27 | 000,709,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2016.03.09 09:41:27 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2016.03.09 09:41:27 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2016.03.09 09:41:27 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2016.03.09 09:41:27 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2016.03.09 09:41:27 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2016.03.09 09:41:27 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2016.03.09 09:41:26 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2016.03.09 09:41:26 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2016.03.09 09:41:26 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2016.03.09 09:41:26 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2016.03.09 09:41:26 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2016.03.09 09:41:26 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2016.03.09 09:41:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2016.03.09 09:41:25 | 000,862,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2016.03.09 09:41:24 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2016.03.09 09:41:24 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2016.03.09 09:41:23 | 000,718,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2016.03.09 09:41:23 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2016.03.09 09:41:23 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2016.03.09 09:41:23 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2016.03.09 09:41:23 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2016.03.09 09:41:23 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2016.03.09 09:41:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2016.03.09 09:41:23 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2016.03.09 09:41:23 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2016.03.09 09:41:22 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2016.03.09 09:41:21 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2016.03.09 09:41:21 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2016.03.09 09:41:21 | 000,798,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2016.03.09 09:41:21 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2016.03.09 09:41:21 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2016.03.09 09:41:21 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2016.03.09 09:41:21 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016.03.09 09:41:21 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2016.03.09 09:41:21 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2016.03.09 09:41:21 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2016.03.09 09:41:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2016.03.09 09:41:20 | 002,123,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2016.03.09 09:41:20 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2016.03.09 09:41:20 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2016.03.09 09:41:19 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2016.03.09 09:41:19 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2016.03.09 09:41:19 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2016.03.09 09:41:19 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2016.03.09 09:41:19 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2016.03.09 09:41:19 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2016.03.09 09:41:18 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2016.03.09 09:41:18 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2016.03.09 09:41:18 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2016.03.09 09:41:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2016.03.09 09:41:18 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2016.03.09 09:41:17 | 006,052,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2016.03.09 09:41:17 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2016.03.09 09:41:17 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2016.03.09 09:41:17 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2016.03.09 09:41:16 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2016.03.09 09:41:16 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2016.03.09 09:41:10 | 005,572,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2016.03.09 09:41:10 | 003,994,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2016.03.09 09:41:10 | 003,938,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2016.03.09 09:41:10 | 001,733,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2016.03.09 09:41:10 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2016.03.09 09:41:09 | 001,461,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2016.03.09 09:41:09 | 001,214,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2016.03.09 09:41:09 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2016.03.09 09:41:09 | 000,880,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2016.03.09 09:41:09 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2016.03.09 09:41:08 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2016.03.09 09:41:08 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2016.03.09 09:41:08 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2016.03.09 09:41:08 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2016.03.09 09:41:08 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2016.03.09 09:41:08 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2016.03.09 09:41:08 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2016.03.09 09:41:08 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2016.03.09 09:41:08 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2016.03.09 09:41:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2016.03.09 09:41:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2016.03.09 09:41:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2016.03.09 09:41:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2016.03.09 09:41:08 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2016.03.09 09:41:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2016.03.09 09:41:07 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2016.03.09 09:41:07 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2016.03.09 09:41:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2016.03.09 09:41:07 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2016.03.09 09:41:07 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2016.03.09 09:41:07 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2016.03.09 09:41:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2016.03.09 09:41:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2016.03.09 09:41:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2016.03.09 09:41:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2016.03.09 09:41:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2016.03.09 09:41:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2016.03.09 09:41:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2016.03.09 09:41:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2016.03.09 09:41:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2016.03.09 09:41:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2016.03.09 09:41:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2016.03.09 09:41:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2016.03.09 09:41:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2016.03.09 09:41:06 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2016.03.09 09:41:06 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2016.03.09 09:41:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2016.03.09 09:41:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2016.03.09 09:41:06 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2016.03.09 09:41:06 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2016.03.09 09:41:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2016.03.09 09:41:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2016.03.09 09:41:06 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2016.03.09 09:41:06 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2016.03.09 09:41:06 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2016.03.09 09:41:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2016.03.09 09:41:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2016.03.09 09:41:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2016.03.09 09:41:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2016.03.09 09:41:02 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll
[2016.03.09 09:41:02 | 000,372,736 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2016.03.09 09:41:02 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2016.03.09 09:41:02 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll
[2016.03.09 09:41:02 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2016.03.09 09:41:02 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2016.03.09 09:41:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2016.03.09 09:41:01 | 014,634,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2016.03.09 09:41:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2016.03.09 09:41:01 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2016.03.09 09:41:01 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2016.03.09 09:41:00 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2016.03.09 09:41:00 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2016.03.09 09:41:00 | 011,411,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2016.03.09 09:41:00 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2016.03.09 09:41:00 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2016.03.09 09:41:00 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2016.03.09 09:41:00 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2016.03.09 09:41:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2016.03.09 09:41:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2016.03.09 09:40:59 | 001,373,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2016.03.09 09:40:59 | 001,168,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2016.03.09 09:40:59 | 000,696,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2016.03.09 09:40:59 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2016.03.09 09:40:59 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2016.03.09 09:40:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2016.03.09 09:40:59 | 000,038,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2016.03.08 10:13:35 | 000,000,000 | ---D | C] -- C:\Users\Beda\Tracing
[2016.03.08 10:13:07 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\Skype
[2016.03.06 19:32:43 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Adobe
[2016.03.05 09:02:18 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\GWX
[2016.03.04 13:43:51 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\Macromedia
[2016.03.04 13:43:51 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Macromedia
[2016.03.04 13:41:22 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\Mozilla
[2016.03.04 13:41:22 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Mozilla
[2016.03.04 13:38:14 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\Google
[2016.03.04 13:38:04 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Google
[2016.03.04 13:31:42 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\ACD Systems
[2016.03.04 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\AVG Netherlands BV
[2016.03.04 13:14:53 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\GHISLER
[2016.03.04 13:04:52 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\Hewlett-Packard Company
[2016.03.04 13:04:43 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\AVG
[2016.03.04 13:04:41 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Avg
[2016.03.04 13:04:36 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\Adobe
[2016.03.04 13:04:35 | 000,000,000 | R--D | C] -- C:\Users\Beda\Virtual Machines
[2016.03.04 13:04:35 | 000,000,000 | R--D | C] -- C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2016.03.04 13:04:35 | 000,000,000 | R--D | C] -- C:\Users\Beda\Searches
[2016.03.04 13:04:35 | 000,000,000 | R--D | C] -- C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2016.03.04 13:04:34 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\Identities
[2016.03.04 13:04:33 | 000,000,000 | R--D | C] -- C:\Users\Beda\Contacts
[2016.03.04 13:04:33 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\VirtualStore
[2016.03.04 13:04:33 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\PC Suite
[2016.03.04 13:04:32 | 000,000,000 | --SD | C] -- C:\Users\Beda\AppData\Roaming\Microsoft
[2016.03.04 13:04:32 | 000,000,000 | R--D | C] -- C:\Users\Beda\Videos
[2016.03.04 13:04:32 | 000,000,000 | R--D | C] -- C:\Users\Beda\Saved Games
[2016.03.04 13:04:32 | 000,000,000 | R--D | C] -- C:\Users\Beda\Pictures
[2016.03.04 13:04:32 | 000,000,000 | R--D | C] -- C:\Users\Beda\Music
[2016.03.04 13:04:32 | 000,000,000 | R--D | C] -- C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2016.03.04 13:04:32 | 000,000,000 | R--D | C] -- C:\Users\Beda\Links
[2016.03.04 13:04:32 | 000,000,000 | R--D | C] -- C:\Users\Beda\Favorites
[2016.03.04 13:04:32 | 000,000,000 | R--D | C] -- C:\Users\Beda\Downloads
[2016.03.04 13:04:32 | 000,000,000 | R--D | C] -- C:\Users\Beda\Documents
[2016.03.04 13:04:32 | 000,000,000 | R--D | C] -- C:\Users\Beda\Desktop
[2016.03.04 13:04:32 | 000,000,000 | R--D | C] -- C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\AppData\Local\Temporary Internet Files
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\Šablony
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\Soubory cookie
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\SendTo
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\Poslední
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\Okolní tiskárny
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\Okolní síť
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\Documents\Obrázky
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\Nabídka Start
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\Local Settings
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\Documents\Hudba
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\AppData\Local\History
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\Documents\Filmy
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\Dokumenty
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\Data aplikací
[2016.03.04 13:04:32 | 000,000,000 | -HSD | C] -- C:\Users\Beda\AppData\Local\Data aplikací
[2016.03.04 13:04:32 | 000,000,000 | -H-D | C] -- C:\Users\Beda\AppData
[2016.03.04 13:04:32 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\TuneUp Software
[2016.03.04 13:04:32 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Microsoft Help
[2016.03.04 13:04:32 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Local\Microsoft
[2016.03.04 13:04:32 | 000,000,000 | ---D | C] -- C:\Users\Beda\AppData\Roaming\Media Center Programs
[2016.03.04 11:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
[2016.03.04 11:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2016.03.04 11:34:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2016.03.03 19:20:20 | 000,000,000 | ---D | C] -- C:\Users\Beda\Documents\Vlastní šablony Office
[2016.03.03 01:07:14 | 000,000,000 | ---D | C] -- C:\Users\Beda\Documents\Poznámkové bloky aplikace OneNote
[2016.03.03 01:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft OneDrive
[2016.03.03 01:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2016.03.02 10:21:12 | 000,269,232 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys

[MedaBeda]

OTL.txt - třetí část


========== Files - Modified Within 30 Days ==========

[2016.03.25 12:31:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016.03.25 12:01:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Beda\Desktop\OTL.exe
[2016.03.25 12:00:04 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016.03.25 12:00:03 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016.03.25 12:00:03 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016.03.25 11:21:56 | 000,029,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.03.25 11:21:56 | 000,029,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.03.25 11:06:37 | 001,584,626 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016.03.25 11:06:37 | 000,670,674 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016.03.25 11:06:37 | 000,654,828 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016.03.25 11:06:37 | 000,142,286 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016.03.25 11:06:37 | 000,122,700 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016.03.25 11:02:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.03.25 11:02:22 | 2106,269,695 | -HS- | M] () -- C:\hiberfil.sys
[2016.03.25 10:58:12 | 000,001,882 | ---- | M] () -- C:\Users\Beda\Desktop\iexplorer.lnk
[2016.03.25 10:45:17 | 000,000,841 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2016.03.25 10:44:37 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2016.03.25 10:43:55 | 001,309,184 | ---- | M] () -- C:\Users\Beda\Desktop\zoek.exe
[2016.03.25 10:31:40 | 001,610,352 | ---- | M] (Malwarebytes) -- C:\Users\Beda\Desktop\JRT.exe
[2016.03.24 13:59:17 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2016.03.24 09:23:34 | 005,658,151 | R--- | M] (Swearware) -- C:\Users\Beda\Desktop\ComboFix.exe
[2016.03.23 15:01:26 | 000,015,502 | ---- | M] () -- C:\Users\Beda\Desktop\Addition.zip
[2016.03.23 09:55:29 | 002,374,144 | ---- | M] (Farbar) -- C:\Users\Beda\Desktop\FRST64.exe
[2016.03.22 16:06:57 | 000,001,286 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016.03.22 16:06:57 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016.03.22 12:55:13 | 001,530,368 | ---- | M] () -- C:\Users\Beda\Desktop\adwcleaner_5.105.exe
[2016.03.21 19:22:39 | 000,000,032 | ---- | M] () -- C:\Windows\0
[2016.03.21 18:28:25 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\0
[2016.03.21 14:27:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2016.03.21 09:00:29 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2016.03.19 13:09:10 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2016.03.19 12:44:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btmaux_01009.Wdf
[2016.03.18 22:48:51 | 000,699,801 | ---- | M] () -- C:\Users\Beda\Desktop\litanie.psd
[2016.03.18 17:00:34 | 000,001,209 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2016.03.18 15:51:45 | 000,001,769 | ---- | M] () -- C:\Users\Beda\Desktop\Acrobat.lnk
[2016.03.18 10:39:07 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\SSD Fresh.lnk
[2016.03.18 09:53:36 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016.03.18 09:46:19 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2016.03.13 16:08:30 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Total Commander 64 bit.lnk
[2016.03.13 16:08:30 | 000,000,838 | ---- | M] () -- C:\Users\Public\Desktop\Total Commander.lnk
[2016.03.11 17:55:27 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\AVG Protection.lnk
[2016.03.10 08:30:23 | 000,002,309 | ---- | M] () -- C:\Users\Beda\Desktop\mp3 DirectCut.lnk
[2016.03.10 08:29:07 | 002,712,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2016.03.04 12:43:43 | 000,002,497 | ---- | M] () -- C:\Users\Public\Desktop\AVG Driver Updater.lnk
[2016.03.04 12:10:57 | 000,129,326 | ---- | M] () -- C:\Users\Beda\Documents\test.pdf
[2016.03.03 19:20:44 | 000,051,913 | ---- | M] () -- C:\Users\Beda\Documents\cedulky_dveře.rtf
[2016.03.02 10:21:12 | 000,269,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys

========== Files Created - No Company Name ==========

[2016.03.25 12:31:04 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016.03.25 12:00:04 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016.03.25 10:59:45 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2016.03.25 10:43:55 | 001,309,184 | ---- | C] () -- C:\Users\Beda\Desktop\zoek.exe
[2016.03.24 10:50:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2016.03.24 10:50:12 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2016.03.24 10:50:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2016.03.24 10:50:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2016.03.24 10:50:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2016.03.23 15:01:26 | 000,015,502 | ---- | C] () -- C:\Users\Beda\Desktop\Addition.zip
[2016.03.22 12:55:11 | 001,530,368 | ---- | C] () -- C:\Users\Beda\Desktop\adwcleaner_5.105.exe
[2016.03.21 18:28:25 | 000,000,032 | ---- | C] () -- C:\Windows\0
[2016.03.21 18:28:25 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\0
[2016.03.21 14:27:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2016.03.19 13:11:07 | 000,000,035 | ---- | C] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2016.03.19 13:08:50 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2016.03.19 12:44:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btmaux_01009.Wdf
[2016.03.18 22:45:07 | 000,699,801 | ---- | C] () -- C:\Users\Beda\Desktop\litanie.psd
[2016.03.18 17:00:34 | 000,001,221 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2016.03.18 17:00:34 | 000,001,209 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2016.03.18 15:51:45 | 000,001,769 | ---- | C] () -- C:\Users\Beda\Desktop\Acrobat.lnk
[2016.03.18 10:39:07 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\SSD Fresh.lnk
[2016.03.18 09:53:36 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016.03.13 16:08:30 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Total Commander 64 bit.lnk
[2016.03.13 16:08:30 | 000,000,838 | ---- | C] () -- C:\Users\Public\Desktop\Total Commander.lnk
[2016.03.13 11:54:24 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2016.03.04 13:45:33 | 000,001,298 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2016.03.04 13:45:32 | 000,001,286 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016.03.04 13:04:36 | 000,001,687 | ---- | C] () -- C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2016.03.04 13:04:32 | 000,002,124 | ---- | C] () -- C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
[2016.03.04 12:43:43 | 000,002,497 | ---- | C] () -- C:\Users\Public\Desktop\AVG Driver Updater.lnk
[2016.03.04 12:10:57 | 000,129,326 | ---- | C] () -- C:\Users\Beda\Documents\test.pdf
[2016.03.04 11:34:56 | 000,002,476 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
[2016.03.04 11:34:56 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
[2016.03.04 11:34:55 | 000,002,482 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
[2016.03.04 11:34:55 | 000,002,448 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
[2016.03.03 19:20:43 | 000,051,913 | ---- | C] () -- C:\Users\Beda\Documents\cedulky_dveře.rtf
[2015.08.24 11:32:09 | 000,207,360 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2010.01.10 22:51:08 | 000,208,384 | R--- | C] () -- C:\Program Files (x86)\spec14.exe
[2005.03.21 12:41:02 | 000,012,793 | ---- | C] () -- C:\Program Files (x86)\How To Install.html
[2005.02.25 13:37:00 | 000,157,035 | ---- | C] () -- C:\Program Files (x86)\LegalNotices.pdf
[2005.02.23 10:24:12 | 000,002,773 | ---- | C] () -- C:\Program Files (x86)\Read Me First.html
[2005.02.22 12:32:14 | 002,723,276 | ---- | C] () -- C:\Program Files (x86)\Photoshop New Features.pdf
[2005.02.22 12:31:44 | 000,142,049 | ---- | C] () -- C:\Program Files (x86)\Photoshop At A Glance.pdf

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016.01.22 07:19:58 | 014,179,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016.01.22 07:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2016.03.04 13:31:42 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\ACD Systems
[2016.03.04 13:04:43 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\AVG
[2016.03.10 12:33:27 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\AviDvdBurner
[2016.03.10 12:33:40 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\AvitoDvd
[2016.03.10 12:27:56 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Easy Thumbnails
[2016.03.13 16:08:27 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\GHISLER
[2016.03.10 12:27:38 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\mp3DirectCut
[2016.03.10 12:22:46 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Nokia
[2016.03.10 12:22:52 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\PC Suite
[2016.03.21 19:41:56 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\POP Peeper
[2016.03.16 13:28:55 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Thunderbird
[2015.10.09 08:02:03 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\TuneUp Software
[2015.10.09 08:02:03 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2015.10.09 08:02:03 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,578 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2016.03.25 12:00:04 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2015.02.03 04:50:56 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=00D0F7BA3B27126A3E25B540979A9F39 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_d492bbeccaa14239\cryptsvc.dll
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2015.04.27 20:17:29 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=0925E2BEAC4493C887099F850D69BA3B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.23040_none_d48a91becaa8aac3\cryptsvc.dll
[2010.11.21 04:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2015.02.03 04:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=1CD76A83B9E8E9A5A3519B39E28354D9 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_d4021b35b189f3e7\cryptsvc.dll
[2013.05.10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2015.04.27 20:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=33F67BBCC3C0499D3F3382473114CFA8 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2015.04.27 20:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=33F67BBCC3C0499D3F3382473114CFA8 -- C:\Windows\SysWOW64\cryptsvc.dll
[2015.04.27 20:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=33F67BBCC3C0499D3F3382473114CFA8 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18839_none_77f653d3f91d2e9f\cryptsvc.dll
[2013.05.13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2015.02.03 04:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=49474B3E37969AF4B5C076F42B623AFF -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_77e37fb1f92c82b1\cryptsvc.dll
[2015.04.27 19:55:50 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=59AF628BEF750EE470FD36751CA52137 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.23040_none_786bf63b124b398d\cryptsvc.dll
[2015.04.27 20:23:13 | 000,188,416 | ---- | M] (Microsoft Corporation) MD5=7BC3E861F7E8EB543A630090FAE779E0 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2015.04.27 20:23:13 | 000,188,416 | ---- | M] (Microsoft Corporation) MD5=7BC3E861F7E8EB543A630090FAE779E0 -- C:\Windows\SysNative\cryptsvc.dll
[2015.04.27 20:23:13 | 000,188,416 | ---- | M] (Microsoft Corporation) MD5=7BC3E861F7E8EB543A630090FAE779E0 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18839_none_d414ef57b17a9fd5\cryptsvc.dll
[2012.06.04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.21 04:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2015.02.03 04:31:49 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=B97E16D36DB7B7DD22C97857506FA58A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_787420691243d103\cryptsvc.dll
[2013.05.10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2016.01.22 07:27:19 | 003,231,232 | ---- | M] (Microsoft Corporation) MD5=20DBEE43BF607324BFC79A02F3467DCD -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23338_none_b052775aa98671d5\explorer.exe
[2016.01.22 06:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=2A156D5EBF221EF2A6AE7CE452324DAC -- C:\Windows\SysWOW64\explorer.exe
[2016.01.22 06:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=2A156D5EBF221EF2A6AE7CE452324DAC -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.19135_none_ba1a821dc4cc4ada\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2016.01.22 06:19:39 | 003,231,232 | ---- | M] (Microsoft Corporation) MD5=9D77CC4A36FEEA644D002CFB9B2D42C0 -- C:\Windows\erdnt\cache86\explorer.exe
[2016.01.22 06:19:39 | 003,231,232 | ---- | M] (Microsoft Corporation) MD5=9D77CC4A36FEEA644D002CFB9B2D42C0 -- C:\Windows\explorer.exe
[2016.01.22 06:19:39 | 003,231,232 | ---- | M] (Microsoft Corporation) MD5=9D77CC4A36FEEA644D002CFB9B2D42C0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.19135_none_afc5d7cb906b88df\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2016.01.22 07:07:00 | 002,973,696 | ---- | M] (Microsoft Corporation) MD5=CEA6C2000AEC6CAF3CD6F3F73848E40A -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23338_none_baa721acdde733d0\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2015.07.15 19:10:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0D48E93C6BE3143C0198CB252B992D16 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18933_none_0459e0df737bef3f\lsass.exe
[2016.01.17 00:15:47 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=111A2A677ED641A7BD8D884EC4F6A185 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23334_none_04e459e28c98d5f0\lsass.exe
[2015.05.25 19:18:19 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=17A6A9AAD04CCC6EE53290585BFC43AF -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18869_none_043f70f1738eddf5\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18637_none_045ddc5573785d26\lsass.exe
[2015.05.25 19:21:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=2A953A1104439BA166FD63A5806A16DF -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23072_none_04b713ec8cbb1b91\lsass.exe
[2015.07.15 04:19:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=2CCFA4793B9696F26214634300FE8B37 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23126_none_04f126968c8ef25f\lsass.exe
[2015.07.15 19:08:44 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=31359EDA482F9A4C5DB36741596550AC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23136_none_04e656aa8c970e50\lsass.exe
[2015.04.04 04:20:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=4C3FAC816925F73A34AD52F1F7C0A7EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18812_none_046e7e87736ca0df\lsass.exe
[2016.02.10 18:38:05 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4FAAA369494A207617165DBFD10E34B5 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23349_none_04de8b688c9c7094\lsass.exe
[2016.01.22 05:57:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=5673794F254FE312AF62D9DA32805A2F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.19135_none_045bbb7b737a5256\lsass.exe
[2016.01.16 18:39:51 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=6313B3E6CEA11B4829094EDAB9EA2FA5 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.19131_none_0457ba53737decfa\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22843_none_04d8a9f28ca1b0ac\lsass.exe
[2015.02.03 04:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=7554A1B82B4A222FD4CC292ABD38A558 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18741_none_044d0c937385de34\lsass.exe
[2016.02.11 18:32:25 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=7FB33A9A2E6B6D5CA9318668B95CA69C -- C:\Windows\erdnt\cache64\lsass.exe
[2016.02.11 18:32:25 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=7FB33A9A2E6B6D5CA9318668B95CA69C -- C:\Windows\SysNative\lsass.exe
[2016.02.11 18:32:25 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=7FB33A9A2E6B6D5CA9318668B95CA69C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.19160_none_04364a4573972776\lsass.exe
[2015.04.27 20:22:35 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=9262D6E2C239EDD6D87B080F2BCCEC9F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18839_none_045fe0b573768a22\lsass.exe
[2015.09.16 00:37:18 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=A51431778979B82E6C7041EAB29F66F4 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23211_none_04f6f6f68c8b54e2\lsass.exe
[2015.07.15 04:19:02 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=A7C232F194DE012B41B5EE0C5021CFDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18923_none_0464b0cb7373d34e\lsass.exe
[2015.04.04 04:25:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BB9C1B746086558899935E3333CD4580 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23017_none_04fcf4e68c85f29e\lsass.exe
[2016.01.22 07:27:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C102A257679340184DCD801B5634230B -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23338_none_04e85b0a8c953b4c\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2015.02.03 04:50:23 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=CBB80CC43E683F929F8D5E50330F7BA6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22948_none_04ddad4a8c9d2c86\lsass.exe
[2015.04.27 20:16:19 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D52C700254E7FBD9BF6D817BA7BA5309 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23040_none_04d5831c8ca49510\lsass.exe
[2015.07.22 23:03:07 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=FBD94DDAB6D96DE7ECE7D38E48035A75 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23142_none_04d785968ca2c4e5\lsass.exe
[2015.07.23 01:01:53 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=FDD980360C9D72DA77F4C59376AE95C9 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18939_none_045fe29b73768749\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2015.10.13 00:04:07 | 000,949,184 | ---- | M] (Microsoft Corporation) MD5=901D1BE3F8567B5D02747B1174FF708F -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.23235_none_0661f94b4bdbc702\ndis.sys
[2015.10.13 05:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\erdnt\cache64\ndis.sys
[2015.10.13 05:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\SysNative\drivers\ndis.sys
[2015.10.13 05:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.19030_none_05d3592832c2ab5e\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2016.01.16 18:39:43 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=14B751D2C502A2E3E37CD3C8C99F5488 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19131_none_0a47d78e2fe4547e\smss.exe
[2015.05.25 19:21:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=18196A0F4C3904C81ACE6E91529227D9 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23072_none_0aa7312749218315\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014.04.12 03:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013.03.19 03:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2015.07.23 01:02:14 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=50EEE09D03B94A13DFEFEFC1D774FC31 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18939_none_0a4fffd62fdceecd\smss.exe
[2015.07.15 19:10:25 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=55C48343919A72B0C8F5C42E4C798FCA -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18933_none_0a49fe1a2fe256c3\smss.exe
[2016.02.10 18:37:58 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=56518E444CA1D4BEAD4819B6D9528E4B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23349_none_0acea8a34902d818\smss.exe
[2015.07.15 19:08:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=5E200958CFBDB2B82C78B6F883236640 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23136_none_0ad673e548fd75d4\smss.exe
[2015.02.03 04:30:42 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=63D3C30B497347495B8EA78A38188969 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18741_none_0a3d29ce2fec45b8\smss.exe
[2016.01.22 05:57:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=789035A84618AC25CEDC91606029A4A2 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19135_none_0a4bd8b62fe0b9da\smss.exe
[2016.01.17 00:15:38 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=839CD174F686363771B6A0BBE87CCD16 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23334_none_0ad4771d48ff3d74\smss.exe
[2015.02.03 04:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=8CD5A97B8D155718D357B2D9BC6B113D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22948_none_0acdca854903940a\smss.exe
[2015.10.01 19:06:20 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9815B80E8F45D4CFF468899A444FE3B8 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23226_none_0ae145b748f5570a\smss.exe
[2015.05.25 19:18:39 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9BBEA639884C0338DD78654277BD188A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18869_none_0a2f8e2c2ff54579\smss.exe
[2015.07.15 04:19:24 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B094FD54A16671683B4A27A8C43BCDD0 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18923_none_0a54ce062fda3ad2\smss.exe
[2016.02.11 18:32:18 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=BAB3E8C0C2CFC7A9DC6A52615BC6064E -- C:\Windows\SysNative\smss.exe
[2016.02.11 18:32:18 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=BAB3E8C0C2CFC7A9DC6A52615BC6064E -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19160_none_0a2667802ffd8efa\smss.exe
[2015.07.15 04:19:40 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=C95509F69D3584BB216C5B2365E74956 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23126_none_0ae143d148f559e3\smss.exe
[2015.04.27 20:17:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CF8DC00FA29243A347AD4B605AFFF1E5 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23040_none_0ac5a057490afc94\smss.exe
[2015.04.27 20:22:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=DA5EF2CC0764BE7097BAFA9CAF903FE8 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18839_none_0a4ffdf02fdcf1a6\smss.exe
[2015.07.22 23:03:29 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E31F311AEACDAB79CFA4E5B5ACB2B954 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23142_none_0ac7a2d149092c69\smss.exe
[2013.03.19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2016.01.22 07:27:45 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F7EF6821E330D14E3A84649A35C86217 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23338_none_0ad8784548fba2d0\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\erdnt\cache64\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.11.26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\erdnt\cache64\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010.11.21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010.11.21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[14 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ebe5c5d7f730b7b5a7fc15c0024591d0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ebe5c5d7f730b7b5a7fc15c0024591d0\*.tmp -> ]
[399 C:\Windows\System32\spool\PRINTERS\*.tmp files -> C:\Windows\System32\spool\PRINTERS\*.tmp -> ]

[MedaBeda]

OTL.txt - konec




< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2016.03.04 13:31:42 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\ACD Systems
[2016.03.25 12:10:28 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Adobe
[2016.03.04 13:04:43 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\AVG
[2016.03.10 12:33:27 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\AviDvdBurner
[2016.03.10 12:33:40 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\AvitoDvd
[2016.03.10 12:34:32 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\AVS4YOU
[2016.03.10 12:27:56 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Easy Thumbnails
[2016.03.13 16:08:27 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\GHISLER
[2016.03.05 09:28:42 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Google
[2016.03.04 13:04:52 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Hewlett-Packard Company
[2016.03.18 09:47:19 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\HpUpdate
[2016.03.04 13:04:34 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Identities
[2016.03.04 13:43:51 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Macromedia
[2011.04.12 09:45:23 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Media Center Programs
[2016.03.21 19:22:54 | 000,000,000 | --SD | M] -- C:\Users\Beda\AppData\Roaming\Microsoft
[2016.03.04 13:41:29 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Mozilla
[2016.03.10 12:27:38 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\mp3DirectCut
[2016.03.10 12:33:46 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\NCH Software
[2016.03.10 12:22:46 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Nokia
[2016.03.10 12:33:46 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\NVIDIA
[2016.03.10 12:22:52 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\PC Suite
[2016.03.21 19:41:56 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\POP Peeper
[2016.03.10 12:28:12 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\PSpad
[2016.03.25 00:03:26 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Skype
[2016.03.16 13:28:55 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\Thunderbird
[2015.10.09 08:02:03 | 000,000,000 | ---D | M] -- C:\Users\Beda\AppData\Roaming\TuneUp Software

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2016.03.25 12:00:03 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2016.03.25 12:00:03 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2016.03.25 11:04:30 | 000,000,044 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2016.03.25 12:31:04 | 000,000,512 | ---- | M] () MD5=8E5590769C28AA70A285EC5CB4A4B3E1 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2016.03.04 13:37:58 | 000,000,134 | ---- | M] () -- \Users\Beda\Favorites\How To Use Cracks Tutorial.URL
[2016.03.04 13:37:58 | 000,000,150 | ---- | M] () -- \Users\Beda\Favorites\Beda\na počítač\Alex Scoble's IT Notes - An Information Technology Blog How to Crack, Unprotect or Remove Document Protection in Word.URL
[2016.03.04 13:37:58 | 000,000,176 | ---- | M] () -- \Users\Beda\Favorites\Beda\na počítač\Office Multi-document Password Cracker 2.0 by Rixler Software Unprotect multiple Word and Excel documents.URL
[2016.03.04 13:37:58 | 000,000,156 | ---- | M] () -- \Users\Beda\Favorites\Beda\na počítač\SerialCrackTorrent.com Adobe Pagemaker Free download.URL
[2016.03.04 13:37:58 | 000,000,131 | ---- | M] () -- \Users\Beda\Favorites\Beda\na počítač\YouTube - How to crack Microsoft Office passwords Masked brute force.URL
[2016.03.04 13:37:59 | 000,000,150 | ---- | M] () -- \Users\Beda\Favorites\bydleni\coursing\Beda\na počítač\Alex Scoble's IT Notes - An Information Technology Blog How to Crack, Unprotect or Remove Document Protection in Word.URL
[2016.03.04 13:37:59 | 000,000,176 | ---- | M] () -- \Users\Beda\Favorites\bydleni\coursing\Beda\na počítač\Office Multi-document Password Cracker 2.0 by Rixler Software Unprotect multiple Word and Excel documents.URL
[2016.03.04 13:37:59 | 000,000,156 | ---- | M] () -- \Users\Beda\Favorites\bydleni\coursing\Beda\na počítač\SerialCrackTorrent.com Adobe Pagemaker Free download.URL
[2016.03.04 13:37:59 | 000,000,131 | ---- | M] () -- \Users\Beda\Favorites\bydleni\coursing\Beda\na počítač\YouTube - How to crack Microsoft Office passwords Masked brute force.URL
[2016.03.04 13:37:58 | 000,000,150 | ---- | M] () -- \Users\Beda\Favorites\coursing\Beda\na počítač\Alex Scoble's IT Notes - An Information Technology Blog How to Crack, Unprotect or Remove Document Protection in Word.URL
[2016.03.04 13:37:58 | 000,000,176 | ---- | M] () -- \Users\Beda\Favorites\coursing\Beda\na počítač\Office Multi-document Password Cracker 2.0 by Rixler Software Unprotect multiple Word and Excel documents.URL
[2016.03.04 13:37:58 | 000,000,156 | ---- | M] () -- \Users\Beda\Favorites\coursing\Beda\na počítač\SerialCrackTorrent.com Adobe Pagemaker Free download.URL
[2016.03.04 13:37:58 | 000,000,131 | ---- | M] () -- \Users\Beda\Favorites\coursing\Beda\na počítač\YouTube - How to crack Microsoft Office passwords Masked brute force.URL

< *keygen* /s >
[2016.03.04 13:37:58 | 000,000,137 | ---- | M] () -- \Users\Beda\Favorites\Beda\na počítač\Uloz.to! AUTOCAD 2008 CZ + KEYGEN.zip.URL
[2016.03.04 13:37:59 | 000,000,137 | ---- | M] () -- \Users\Beda\Favorites\bydleni\coursing\Beda\na počítač\Uloz.to! AUTOCAD 2008 CZ + KEYGEN.zip.URL
[2016.03.04 13:37:58 | 000,000,137 | ---- | M] () -- \Users\Beda\Favorites\coursing\Beda\na počítač\Uloz.to! AUTOCAD 2008 CZ + KEYGEN.zip.URL

< *AntiWPA* /s >

< *loader* /s >
[2013.01.02 14:54:33 | 000,002,137 | ---- | M] () -- \FRST\Quarantine\C\zoek_backup\C_Users_Public_Desktop_Rajce Photo Downloader.lnk.vir
[1 \FRST\Quarantine\C\zoek_backup\*.tmp files -> \FRST\Quarantine\C\zoek_backup\*.tmp -> ]
[2005.03.24 12:51:08 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\en\_media\rssloader.swf
[2004.02.03 09:27:56 | 000,113,664 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2007.05.16 08:26:06 | 000,177,712 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2013.05.30 13:48:02 | 004,372,840 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
[2013.05.30 13:44:14 | 000,095,971 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.sil
[2013.07.09 18:08:34 | 004,496,744 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe
[2013.05.29 17:34:00 | 000,046,165 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.sil
[2016.02.04 08:46:26 | 000,279,320 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2016.02.04 08:46:26 | 000,028,488 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.02.03 03:32:08 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2015.09.01 14:42:02 | 002,089,088 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader.exe
[2015.08.21 13:48:16 | 000,015,511 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2015.08.21 13:48:16 | 000,064,651 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2015.08.21 13:48:16 | 000,064,719 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2013.04.17 08:30:33 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2013.04.17 08:30:33 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2013.04.17 08:30:33 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.04.20 10:29:39 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2016.02.11 22:25:55 | 000,002,381 | ---- | M] () -- \Program Files (x86)\Mozilla Thunderbird\distribution\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}\components\calBackendLoader.js
[2012.06.26 11:36:20 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2009.05.31 02:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 02:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2008.10.08 19:16:46 | 000,291,840 | ---- | M] () -- \Program Files (x86)\RajcePhotoDownloader\RajcePhotoDownloader.exe
[2008.12.17 20:59:44 | 000,007,927 | ---- | M] () -- \Program Files (x86)\Sweet Home 3D\THIRDPARTY-LICENSE-LOADER3DS.TXT
[2008.12.17 20:59:42 | 000,135,493 | ---- | M] () -- \Program Files (x86)\Sweet Home 3D\lib\Loader3DS1_2.jar
[2006.12.23 16:37:56 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2014.09.03 00:27:24 | 000,364,176 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2014.09.03 00:27:24 | 000,019,096 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2015.09.09 18:57:27 | 000,002,305 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2015.09.09 18:57:27 | 000,002,305 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2016.03.25 12:00:08 | 000,004,203 | ---- | M] () -- \Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABE70GC1\action_type_loader[1].js
[2016.03.04 13:37:58 | 000,000,142 | ---- | M] () -- \Users\Beda\Favorites\Beda\filmy a video\http--www.mp4kits.com-Product-photobucketdownloader-.URL
[2016.03.04 13:37:58 | 000,000,131 | ---- | M] () -- \Users\Beda\Favorites\Beda\na počítač\Stream Downloader.URL
[2016.03.04 13:37:58 | 000,000,138 | ---- | M] () -- \Users\Beda\Favorites\Beda\na počítač\YouTube downloader - eMag.cz.URL
[2016.03.04 13:37:58 | 000,000,142 | ---- | M] () -- \Users\Beda\Favorites\bydleni\coursing\Beda\filmy a video\http--www.mp4kits.com-Product-photobucketdownloader-.URL
[2016.03.04 13:37:59 | 000,000,131 | ---- | M] () -- \Users\Beda\Favorites\bydleni\coursing\Beda\na počítač\Stream Downloader.URL
[2016.03.04 13:37:59 | 000,000,138 | ---- | M] () -- \Users\Beda\Favorites\bydleni\coursing\Beda\na počítač\YouTube downloader - eMag.cz.URL
[2016.03.04 13:37:58 | 000,000,142 | ---- | M] () -- \Users\Beda\Favorites\coursing\Beda\filmy a video\http--www.mp4kits.com-Product-photobucketdownloader-.URL
[2016.03.04 13:37:58 | 000,000,131 | ---- | M] () -- \Users\Beda\Favorites\coursing\Beda\na počítač\Stream Downloader.URL
[2016.03.04 13:37:58 | 000,000,138 | ---- | M] () -- \Users\Beda\Favorites\coursing\Beda\na počítač\YouTube downloader - eMag.cz.URL
[2016.03.18 10:08:01 | 000,016,388 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2012.08.29 19:24:16 | 000,002,305 | ---- | M] () -- \Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
[2016.02.11 19:30:35 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2016.02.11 19:30:35 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 20:16:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_68c745e9927b4528\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:11:40 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_68a6d625929398fb\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 04:06:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18923_none_68cc15ff92788e54\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 19:00:47 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18933_none_68c146139280aa45\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.23 00:52:00 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18939_none_68c747cf927b424f\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.16 19:54:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19131_none_68bf1f879282a800\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 07:12:24 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_68c320af927f0d5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.02.11 19:41:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19160_none_689daf79929be27c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 20:10:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_693ce850aba95016\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:14:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_691e7920abbfd697\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 04:11:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23126_none_69588bcaab93ad65\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 19:05:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23136_none_694dbbdeab9bc956\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.22 22:52:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23142_none_693eeacaaba77feb\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.10.01 18:57:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23226_none_69588db0ab93aa8c\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.17 01:28:14 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23334_none_694bbf16ab9d90f6\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 07:17:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23338_none_694fc03eab99f652\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.02.10 19:48:13 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23349_none_6945f09caba12b9a\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.10.14 21:20:24 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_cs-cz_915a6c4113b415c1.manifest
[2015.10.14 21:20:24 | 000,033,216 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_cs-cz_915a6c4113b415c1_winload.efi.mui_35ee487d
[2015.10.14 21:20:24 | 000,034,752 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_cs-cz_915a6c4113b415c1_winload.exe.mui_3bc5b827
[2015.10.14 21:20:24 | 000,029,632 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_cs-cz_915a6c4113b415c1_winresume.efi.mui_f412814e
[2015.10.14 21:20:24 | 000,030,144 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_cs-cz_915a6c4113b415c1_winresume.exe.mui_ff8b5358
[2015.10.14 21:20:24 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_b93eb7c983517bf4.manifest
[2015.10.14 21:20:24 | 000,692,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_b93eb7c983517bf4_winload.efi_75834aa0
[2015.10.14 21:20:25 | 000,619,056 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_b93eb7c983517bf4_winload.exe_75835076
[2015.10.14 21:20:25 | 000,616,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_b93eb7c983517bf4_winresume.efi_85cd069f
[2015.10.14 21:20:25 | 000,532,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_b93eb7c983517bf4_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2015.05.13 23:05:41 | 000,000,616 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2011.04.12 09:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2015.02.03 05:49:45 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.10.01 20:47:40 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_cs-cz_915a6c4113b415c1.manifest
[2015.02.03 06:30:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_91d591322cdb6e65.manifest
[2015.04.27 21:33:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_cs-cz_91cd67042ce2d6ef.manifest
[2015.05.25 21:04:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_91aef7d42cf95d70.manifest
[2015.07.15 06:49:58 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_cs-cz_91e90a7e2ccd343e.manifest
[2015.07.15 21:47:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_cs-cz_91de3a922cd5502f.manifest
[2015.07.23 04:58:18 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23142_cs-cz_91cf697e2ce106c4.manifest
[2015.10.01 20:13:38 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23226_cs-cz_91e90c642ccd3165.manifest
[2016.01.17 03:04:48 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23334_cs-cz_91dc3dca2cd717cf.manifest
[2016.01.22 09:02:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23338_cs-cz_91e03ef22cd37d2b.manifest
[2016.02.10 21:49:07 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23349_cs-cz_91d66f502cdab273.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2015.02.03 04:51:30 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2015.10.01 19:31:17 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_b93eb7c983517bf4.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2015.02.03 05:17:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_b9b9dcba9c78d498.manifest
[2015.04.27 20:40:54 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_b9b1b28c9c803d22.manifest
[2015.05.25 19:45:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_b993435c9c96c3a3.manifest
[2015.07.15 04:48:43 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23126_none_b9cd56069c6a9a71.manifest
[2015.07.15 19:39:45 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23136_none_b9c2861a9c72b662.manifest
[2015.07.23 02:47:39 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23142_none_b9b3b5069c7e6cf7.manifest
[2015.10.01 19:34:58 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23226_none_b9cd57ec9c6a9798.manifest
[2016.01.17 01:57:33 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23334_none_b9c089529c747e02.manifest
[2016.01.22 07:51:12 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23338_none_b9c48a7a9c70e35e.manifest
[2016.02.10 20:26:17 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23349_none_b9babad89c7818a6.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 19:59:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_0ca8aa65da1dd3f2\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 18:55:18 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_0c883aa1da3627c5\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 03:47:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18923_none_0cad7a7bda1b1d1e\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 18:44:18 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18933_none_0ca2aa8fda23390f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.22 18:42:39 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18939_none_0ca8ac4bda1dd119\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.16 19:34:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19131_none_0ca08403da2536ca\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 06:59:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_0ca4852bda219c26\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.02.11 19:30:35 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19160_none_0c7f13f5da3e7146\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 19:52:26 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_0d1e4cccf34bdee0\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:00:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_0cffdd9cf3626561\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 03:51:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23126_none_0d39f046f3363c2f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 18:40:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23136_none_0d2f205af33e5820\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.23 00:54:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23142_none_0d204f46f34a0eb5\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.09.28 21:07:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23223_none_0d36f14ef338ed51\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.17 01:09:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23334_none_0d2d2392f3401fc0\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 06:58:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23338_none_0d3124baf33c851c\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.02.10 19:24:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23349_none_0d275518f343ba64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.01.30 21:16:54 | 000,001,670 | ---- | M] () -- \zoek_backup\C_Users_Beda_Desktop_RajcePhotoDownloader.lnk.vir

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2016.03.02 23:41:49 | 000,002,890 | ---- | M] () -- \FRST\Quarantine\C\Windows\System32\Tasks\AutoKMS.xBAD
[2016.03.23 09:49:11 | 000,000,260 | ---- | M] () -- \FRST\Quarantine\C\Windows\Tasks\AutoKMS.job.xBAD

< *activator* /s >

< *serial* /s >
[2016.03.23 21:32:14 | 000,831,176 | ---- | M] () -- \Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Document.XmlSerializers.dll
[2016.03.23 21:32:14 | 000,143,040 | ---- | M] () -- \Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Storage.XmlSerializers.dll
[2015.12.11 23:12:28 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.41212.0\System.Runtime.Serialization.dll
[2016.01.13 23:51:21 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.41212.0\System.Runtime.Serialization.ni.dll
[2016.02.11 22:25:56 | 000,002,957 | ---- | M] () -- \Program Files (x86)\Mozilla Thunderbird\distribution\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}\calendar-js\calIcsSerializer.js
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2015.12.11 23:42:28 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.41212.0\System.Runtime.Serialization.dll
[2016.01.13 23:51:42 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.41212.0\System.Runtime.Serialization.ni.dll
[2014.07.10 23:24:01 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2016.03.04 13:37:58 | 000,000,207 | ---- | M] () -- \Users\Beda\Favorites\AVG Internet Security 2011 v10.0.1120 Serial Till 2018 Warez-BB.org - dyk.URL
[2016.03.04 13:37:58 | 000,000,156 | ---- | M] () -- \Users\Beda\Favorites\Beda\na počítač\SerialCrackTorrent.com Adobe Pagemaker Free download.URL
[2016.03.04 13:37:58 | 000,000,201 | ---- | M] () -- \Users\Beda\Favorites\Beda\na počítač\antivir\Convert Kaspersky Serial To a License Key File For Offline Activation.URL
[2016.03.04 13:37:59 | 000,000,156 | ---- | M] () -- \Users\Beda\Favorites\bydleni\coursing\Beda\na počítač\SerialCrackTorrent.com Adobe Pagemaker Free download.URL
[2016.03.04 13:37:59 | 000,000,201 | ---- | M] () -- \Users\Beda\Favorites\bydleni\coursing\Beda\na počítač\antivir\Convert Kaspersky Serial To a License Key File For Offline Activation.URL
[2016.03.04 13:37:58 | 000,000,156 | ---- | M] () -- \Users\Beda\Favorites\coursing\Beda\na počítač\SerialCrackTorrent.com Adobe Pagemaker Free download.URL
[2016.03.04 13:37:59 | 000,000,201 | ---- | M] () -- \Users\Beda\Favorites\coursing\Beda\na počítač\antivir\Convert Kaspersky Serial To a License Key File For Offline Activation.URL
[2013.07.08 13:43:52 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2016.02.12 08:07:36 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\7f8e76c5817e18659ff1c6e6a0b27ff1\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2016.02.12 08:23:49 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\966c8ea1f8ee9956e5e5897bd6d7967a\System.Runtime.Serialization.ni.dll
[2016.02.12 08:05:54 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\15736aa5e5062e0e26c3831cb35c09d0\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2016.02.12 08:26:29 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\44ac79d503db5d9fe8008cdc644ca3d0\System.Runtime.Serialization.ni.dll
[2016.02.11 20:00:02 | 000,306,176 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\b99998a01b9bf8a7540c9f78846a1016\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2016.02.11 20:00:02 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\b99998a01b9bf8a7540c9f78846a1016\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2016.02.11 20:00:07 | 002,803,200 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\09d2bd27d9df95bc3096cac9430aae04\System.Runtime.Serialization.ni.dll
[2016.02.11 20:00:07 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\09d2bd27d9df95bc3096cac9430aae04\System.Runtime.Serialization.ni.dll.aux
[2015.04.10 10:51:22 | 000,025,600 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\ad0261438ff8f46e093faa717226ebef\System.Xml.Serialization.ni.dll
[2015.04.10 10:51:22 | 000,000,284 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\ad0261438ff8f46e093faa717226ebef\System.Xml.Serialization.ni.dll.aux
[2016.02.12 08:30:12 | 000,366,080 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f8f8bb37522b00c0dc245d1aeb2ae8fe\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2016.02.12 08:30:12 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\f8f8bb37522b00c0dc245d1aeb2ae8fe\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2016.02.12 08:31:15 | 003,529,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7261611092b54adb529bc22b8deafdc2\System.Runtime.Serialization.ni.dll
[2016.02.12 08:31:15 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7261611092b54adb529bc22b8deafdc2\System.Runtime.Serialization.ni.dll.aux
[2015.04.10 12:28:25 | 000,027,648 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\85b2d15d965e64489744325c53d91db0\System.Xml.Serialization.ni.dll
[2015.04.10 12:28:25 | 000,000,284 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\85b2d15d965e64489744325c53d91db0\System.Xml.Serialization.ni.dll.aux
[2014.04.11 23:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\6414876250E69FF3395387C6C7F05BEB\4.5.51209\System.Runtime.Serialization.dll.amd64
[2014.04.11 23:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\6414876250E69FF3395387C6C7F05BEB\4.5.51209\System.Runtime.Serialization.dll.x86
[2014.04.11 23:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\6414876250E69FF3395387C6C7F05BEB\4.5.51209\System.Runtime.Serialization.dll_gac_x86
[2014.04.12 00:48:40 | 000,028,000 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.04.11 23:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014.04.11 22:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2014.04.11 22:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2014.04.12 00:48:40 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.04.11 22:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014.07.23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.04.11 22:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2014.04.11 22:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.07.10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2014.04.11 23:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2014.04.11 22:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2014.04.11 22:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2014.04.11 22:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2014.04.11 22:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2014.04.11 22:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2014.04.12 00:48:40 | 000,028,000 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.04.12 00:48:40 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014.06.24 00:43:09 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 09:34:10 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014.07.10 23:24:02 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2014.04.11 23:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2014.04.11 22:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2014.04.11 22:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2014.04.11 22:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2014.04.11 22:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2014.04.11 22:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2014.04.11 23:40:46 | 000,028,000 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.04.11 23:40:46 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.04.12 09:34:07 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011.04.12 09:34:07 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.04.12 09:34:10 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 09:34:10 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_1e468964c1feb99a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 09:34:10 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_1ec35795db263fce\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 09:34:12 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_bb8e310269277fd7\System.RunTime.Serialization.Resources.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_bc0cffc7824d38b9\System.RunTime.Serialization.Resources.dll
[2011.04.12 09:34:13 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:09 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_a9a7e561157d82e9\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:05 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_92db3ec72f23fc97\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2014.03.09 22:48:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff\System.Runtime.Serialization.dll
[2014.07.10 23:24:02 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5\System.Runtime.Serialization.dll
[2014.03.17 15:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad\System.Runtime.Serialization.dll
[2014.07.08 00:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704\System.Runtime.Serialization.dll
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2014.03.09 22:48:50 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98\System.Runtime.Serialization.dll
[2014.07.10 23:24:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e\System.Runtime.Serialization.dll
[2014.03.17 15:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846\System.Runtime.Serialization.dll
[2014.07.08 00:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d\System.Runtime.Serialization.dll
[2012.08.29 20:09:58 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.08.29 20:09:58 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.04.12 09:34:36 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.04.12 09:34:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 04:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2014.07.02 07:30:52 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff.manifest
[2014.07.14 03:24:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5.manifest
[2014.07.02 07:30:44 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad.manifest
[2014.07.14 03:13:57 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704.manifest
[2010.11.21 04:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2014.07.02 07:31:00 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98.manifest
[2014.07.14 03:24:58 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e.manifest
[2014.07.02 07:30:53 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846.manifest
[2014.07.14 03:14:06 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d.manifest
[2010.11.21 04:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2014.07.02 06:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014.07.14 03:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2014.07.02 07:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014.07.14 03:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2011.04.12 09:33:41 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2014.07.02 08:46:46 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43.manifest
[2014.07.14 05:02:27 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9.manifest
[2014.07.02 09:08:13 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1.manifest
[2014.07.14 05:06:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48.manifest
[2010.11.21 04:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2014.07.02 07:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014.07.14 03:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2014.07.02 07:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014.07.14 03:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2010.11.21 04:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2014.07.02 06:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014.07.14 03:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2014.07.02 07:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014.07.14 03:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.08 13:43:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7601.18523_cs-cz_d5997ba9da0ab4d7\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014.07.10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2014.03.17 15:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2014.03.17 15:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_289b33b6f65f7b95\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_291801e80f8701c9\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 09:34:07 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_5f6f957eb0ca0ea1\System.RunTime.Serialization.Resources.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_5fee6443c9efc783\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2014.03.17 15:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

[MedaBeda]

Extras.txt

OTL Extras logfile created on: 25.3.2016 12:29:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Beda\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18230)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,95 Gb Total Physical Memory | 5,35 Gb Available Physical Memory | 67,28% Memory free
15,90 Gb Paging File | 12,81 Gb Available in Paging File | 80,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,59 Gb Total Space | 37,92 Gb Free Space | 33,98% Space Free | Partition Type: NTFS
Drive E: | 698,63 Gb Total Space | 158,73 Gb Free Space | 22,72% Space Free | Partition Type: NTFS

Computer Name: BEDA | User Name: Beda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-332784963-1637011244-2087319766-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\ACDSee.exe" "%1" (ACD Systems, Ltd.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\ACDSee.exe" "%1" (ACD Systems, Ltd.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13250750-F154-47DC-B52C-2AF10C1FF3ED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1A7F9AE1-8206-4FA4-87AE-4E52FC349613}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{22FFF7F4-484F-4F92-937B-36824F0158B1}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{2732D9C2-7AB5-456D-BCEE-BB37777130E9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{29E5F1E2-2E4A-4BBB-86D8-B2809729741A}" = rport=138 | protocol=17 | dir=out | app=system |
"{314A0286-82DD-4D78-A594-0E9A7BC931DF}" = lport=139 | protocol=6 | dir=in | app=system |
"{3AF698F0-C77F-4E5A-A4EC-1D7FED04A4A7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{513C78F9-F670-4A1E-9D67-1674C1039806}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{599EBF89-EC82-4EE3-AB44-B2189E33ABA8}" = rport=139 | protocol=6 | dir=out | app=system |
"{5C9A8B93-3CAA-4C54-A5D5-2546E4A4E274}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{607D40E1-806C-4F04-ADFB-D140DA4E14AA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{61647287-DB48-408C-AC4B-BC37C2D64742}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6877F9FC-A5F7-4093-A1BD-EA3111470063}" = rport=137 | protocol=17 | dir=out | app=system |
"{699C45E2-1B32-4420-A39F-74ACA5F40F36}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{70AD82DD-1165-4FBA-AB6D-C5A0A2E1435C}" = lport=445 | protocol=6 | dir=in | app=system |
"{7B21B435-2723-4EEE-9C12-D7DEA0A1E16E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7FFB9EBB-D0AC-4BA7-AA05-6CDEC9259949}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8F4894C8-9587-468A-B6B5-B6FC4F9EF79F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9FB9E3C3-BD4F-42ED-9B78-3ED70924BB35}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{ACF78D8C-82EF-4AFA-816A-B65C8B5B8D9E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B245BB4A-3237-4CA7-A083-A4B1743636B7}" = rport=445 | protocol=6 | dir=out | app=system |
"{C6B9C056-7AD8-46E3-90D9-161DA25ECDC6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CFC40380-FA25-40A6-932D-AFFC790BEC44}" = lport=138 | protocol=17 | dir=in | app=system |
"{D0720FCF-87A0-48D1-B721-645F7B0E307F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EEFE05AE-3583-4B82-99C0-3B860DB90F5D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EFB22AAF-1478-4CB9-8B15-092BE8960D1D}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004C8E43-6134-4888-985C-6C8635FBB50E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0B27C2F6-2E24-4DD9-9AA3-F8FE50EC8C80}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{1279A542-717F-4632-BD80-BB53F5FE3435}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{165A1CCC-AC33-484A-89DA-96B6EFEF5549}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1A0D49AF-75BC-4EA8-9D45-335ADE9FCFCA}" = protocol=17 | dir=in | app=c:\users\oem\appdata\local\temp\7zs030d\hpdiagnosticcoreui.exe |
"{1D3E3C3A-458B-47EF-BE58-AB41C6D252F1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{23A61B90-1C3E-4892-8C86-4F26C36DD6B9}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{25128289-1D92-42EC-AA25-56CEBFA4D67D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer_service.exe |
"{2A1DBF7F-498F-4381-81C8-D2F4404A39F0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgdiagex.exe |
"{2F55514C-160E-4783-9C12-848823370EDE}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleil_.exe |
"{31315908-45E8-4D86-A13E-4A08F8293E80}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{349A57B3-8889-4245-BAF7-FA5C8DD52E5C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgdiagex.exe |
"{363C5DF0-615C-4E31-9BA6-7D2FD64C18B2}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{3A312B93-3C3C-4193-84A3-C12B643FC242}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{3BD49DA4-E131-4C1F-9919-B5C8F0CA9E37}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3ED21770-012C-4FC3-A08F-B62B7C8F2600}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4A49980F-9376-4A9D-8BBD-6D3ADEDBE5B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4CD7BAD7-5BB9-43A7-BCAE-AB07F9D52CD7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgmfapx.exe |
"{51562B16-5C05-454F-8771-CC3692AD0618}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgnsa.exe |
"{523C643D-4F9D-4D4B-A380-8501063B2C4B}" = protocol=17 | dir=in | app=c:\users\oem\appdata\local\microsoft\windows\temporary internet files\content.ie5\tiuggtuh\vuescan_(64-bit)_v.9.1.15_keygen_downloader.exe |
"{5445A18C-E56E-40FD-9766-CA2FC63735B6}" = protocol=6 | dir=out | app=system |
"{55807B71-13BC-4015-BBA1-1C1C22C0F6EC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer_service.exe |
"{5616035D-9028-4D23-9450-EF9C8631CADA}" = dir=in | app=c:\users\oem\appdata\local\microsoft\onedrive\onedrive.exe |
"{569E23B7-607F-44BE-BD02-017AE2D464B1}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleil_.exe |
"{583CA384-0662-4FE8-92E7-41732D2AAB7C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{5BC8C9F0-4636-4154-9CDC-A6FD5BD087C7}" = dir=in | app=c:\program files (x86)\hp\hp laserjet pro mfp m125-m126\bin\ewsproxy.exe |
"{605BF238-8879-45EB-A777-6AE97D546B40}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgemca.exe |
"{61F75D68-F7A6-4CB6-9166-7B3D7F963EBE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{6386D9D9-9315-416D-B59B-7E1195E9572F}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfiledownloader.exe |
"{6E548D89-BB0E-4A75-AABA-385AEC9CE1DA}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{71DF8BF8-02C3-4DBA-B463-60E4C87F56C6}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgemca.exe |
"{790A7CD0-FB3C-42E4-8FD4-08805D7D8DF3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7922E9EA-E2CB-481B-97B0-8F80F91A12E8}" = protocol=6 | dir=in | app=c:\users\oem\appdata\local\temp\7zs030d\hpdiagnosticcoreui.exe |
"{800C3874-AE22-4F2B-A59C-D434F8719EF4}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{8B73C9CD-7FCF-4A60-925E-5CE5E32484B1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgmfapx.exe |
"{8C9DE555-CB20-4087-9AC0-10ED399DE0F3}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{9358D7FA-2055-46C9-B243-610372393AC2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{9431DE00-9F56-45D4-9E01-BA1C5F16F3B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9477D080-6392-4278-B5C6-2EDB772BBFFB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A4E9E9B5-D579-415E-92C3-93CDED18CAE5}" = dir=out | app=c:\users\oem\appdata\local\temp\nsn21d5.tmp\installer-10547780.exe |
"{A7BE4E7E-A5D7-41AA-9EFF-8E2BE7044B2C}" = dir=in | app=c:\users\oem\appdata\local\temp\nsn21d5.tmp\installer-10547780.exe |
"{A918030C-45B3-4482-BBB2-D5011DE7BFAE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{B55BA1C4-F175-46D1-B5B0-46D51D2683AB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{B70C5A83-1FDD-43EE-98E1-91ABC76DAD81}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BB747E01-EB98-4073-9FAA-AE99491D1B17}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{C18B58FC-DFF0-4096-8658-6484B1707C9D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C50F28DB-3EB2-4A2D-B326-956FDB825B26}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C69F57A5-FD47-4EBE-88E5-81319B7DD95A}" = protocol=58 | dir=in | app=system |
"{CE0A262D-E98C-471D-9DA9-9ECE663A82FF}" = dir=in | app=c:\program files (x86)\hp\hp laserjet pro mfp m125-m126\bin\hpnetworkcommunicatorcom.exe |
"{D54AB980-9221-452A-AEE0-E7DC5161E6A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DA8C4C12-152E-4624-9961-70EF50438E86}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgnsa.exe |
"{E316C097-5AD0-494F-AAD1-43D41CE2802C}" = protocol=6 | dir=in | app=c:\users\oem\appdata\local\microsoft\windows\temporary internet files\content.ie5\tiuggtuh\vuescan_(64-bit)_v.9.1.15_keygen_downloader.exe |
"{EAD372CB-0C34-4670-A51D-808386E75109}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfiledownloader.exe |
"{EBDBEADA-21F0-4E85-8BAF-08995016DA83}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EF72D6B5-ABD6-4742-B2EA-C6E6CBEB3C94}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F0727D9C-2F0B-4289-BDD3-3DD8E76F6DC3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F1BACDB5-863A-4EDD-BFC5-D6C1D1EB8BBD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{F4B9D8C4-D874-4CF0-9067-808B3140E2B2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F9F2872B-320B-4FB3-81F6-1A883208424C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FFC8C609-1A83-4790-9A9C-A595B440909C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0F307ADB-7612-4F67-A218-6EB4C2A6368F}C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe" = protocol=6 | dir=in | app=c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe |
"TCP Query User{1BC83AB4-ACB2-4525-9776-229176D0A944}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{2A2795BF-9AAC-420C-9197-78BA7A6CC4DD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{31332610-5F75-4B08-AFA0-490D26F15C61}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{50D96520-44F7-432F-B8D6-D0AE987AE7BF}C:\xampp\filezillaftp\filezillaserver.exe" = protocol=6 | dir=in | app=c:\xampp\filezillaftp\filezillaserver.exe |
"TCP Query User{6827D66F-97E2-4AAF-95D3-E9BC5B2E0583}C:\xampplite\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampplite\apache\bin\httpd.exe |
"TCP Query User{72D948BD-AECA-4CAC-8625-9698593B01D6}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{7B96D803-6BA9-4590-AC9E-1E0632CFE07E}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{8A0DC20E-DCB9-4BF7-8562-F57328EC73EF}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{BBCFAF90-4AAD-4E32-A358-C0D0527E04D8}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{C90D0CFD-CD90-44FD-8C69-1C38210811EE}C:\users\oem\appdata\local\temp\kmsact\pack\keygen\keygen.exe" = protocol=6 | dir=in | app=c:\users\oem\appdata\local\temp\kmsact\pack\keygen\keygen.exe |
"TCP Query User{D57E51E3-45D5-4017-8343-3161D343BFDE}C:\program files (x86)\nero\nero 7\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 7\nero showtime\showtime.exe |
"TCP Query User{EAD4A945-C6EE-4B1A-AEE5-E44018880C9E}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 7\nero home\nerohome.exe |
"UDP Query User{4BB669F2-F842-42E1-A3AB-8ABC04A1AFF5}C:\users\oem\appdata\local\temp\kmsact\pack\keygen\keygen.exe" = protocol=17 | dir=in | app=c:\users\oem\appdata\local\temp\kmsact\pack\keygen\keygen.exe |
"UDP Query User{5021E7F1-1848-4B9E-9B28-E3AF3DC0EA2A}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{50729BB2-7DC8-4279-B8D9-4D030871FED4}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{52AF21A5-DB67-4498-B71A-5BBB59EFD10F}C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe" = protocol=17 | dir=in | app=c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe |
"UDP Query User{5492B9F8-376B-4B73-B7CE-AD8C17FFA9B4}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 7\nero home\nerohome.exe |
"UDP Query User{6DAA31BE-E7EB-4D99-A592-4D29BCB152EB}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{7945B713-DB7C-49CC-B97B-EC71BD03ED96}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"UDP Query User{8BFDB699-6E92-4292-BD9A-8B050188CCB5}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{A1084A03-8BA4-48C1-B86F-E2D3EFEC2EBA}C:\xampplite\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampplite\apache\bin\httpd.exe |
"UDP Query User{A20A8F74-7EA8-467E-AEAB-CBA9DDFF8557}C:\program files (x86)\nero\nero 7\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 7\nero showtime\showtime.exe |
"UDP Query User{A4C41CB7-9AA3-4F4A-89DD-6F04D608D731}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{CA51FF37-8160-4C31-A6D2-30BE062664AB}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{CB5B4826-57CB-4BDB-8C92-20A89B3193F1}C:\xampp\filezillaftp\filezillaserver.exe" = protocol=17 | dir=in | app=c:\xampp\filezillaftp\filezillaserver.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0AB3CCB3-5C0B-4C65-9FA4-CFEF6283F7F1}" = FMW 1
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}" = Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1" = ConvertHelper 3.1.1
"{2B8ECD93-21E5-4FC5-9CA6-AD616C42BA63}" = AVG
"{2F884A17-E051-3DB7-B093-6274C98740F6}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 한국어 언어 팩
"{302600C1-6BDF-4FD1-1311-148929CC1385}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.2)
"{30E20E5D-5E4E-4874-A35A-952DB3582C29}" = HP Unified IO
"{36B98E65-CA52-348C-9ED7-77B926A16C2D}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5707EC26-AA9F-32C6-B7C1-347A3482CEC0}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{73A36613-1F8F-3D94-B28A-4CC0E3CAECB5}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA
"{73A64813-E631-3807-8E78-BA679EDA09A8}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 日本語 Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90160000-008F-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.2 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ACC5B116-C09D-429E-9ACF-768FA52DC072}" = AVG 2016
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BA14C6F7-A633-3E88-831B-FCC197A5A17D}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Module linguistique Français
"{C48AF3CF-C632-3C19-838E-7DAB7283D46A}" = Microsoft .NET Framework 4.5.2 (CSY)
"{CD56C9B9-FB98-372B-8BC7-FDA312CD2511}" = Microsoft Visual Studio Tools for Applications 2012 x64 托管支持 - 简体中文语言包
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DDDF762A-2D1D-36A3-9B70-70BD62B4EDCF}" = Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN
"{E237254B-36A1-3D27-815E-B37C13BE0796}" = Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{FB501A6E-CA6D-36DA-8860-17F0E6D89155}" = Microsoft Visual Studio Tools for Applications 2012 x64 主控支援 - 繁體中文語言套件
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"AVG" = AVG Protection
"CCleaner" = CCleaner
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"HomeStudentRetail - cs-cz" = Microsoft Office 2016 pro domácnosti - cs-cz
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Recuva" = Recuva
"Unlocker" = Unlocker 1.9.1-x64
"VueScan" = VueScan
"Windows Movie Maker" = Windows Movie Maker

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{03077B58-6ACF-32CA-B42A-EAA458C295A1}" = Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0BFDA228-F4D0-42C0-90B2-8C47F147AEB1}" = HPDXP
"{0FE6DE07-8CBA-3F73-86B4-51B91E506D24}" = Microsoft Visual Studio Tools for Applications 2012 x86 主控支援 - 繁體中文語言套件
"{178F0383-A2F1-427C-9881-6EACB8728C76}" = hppLaserJetService
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}" = hppM125LaserJetService
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{30DD7187-F392-4D83-8AED-D9A2DC64EF15}" = HPLJUTCore
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3371699A-C1EF-3AC3-B094-D338191FA6E9}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français
"{3AC11667-B4DD-4984-AD0B-B2D4E40AB573}" = 15354 Webcam Live
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{42CC40A6-332E-4F53-8FB8-BD6D77D764FB}_is1" = Photo to Sketch 4.0
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0402.1
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{581A9CCB-1AD7-4BB4-A698-590305F773FB}" = hpStatusAlertsM125-M126
"{5950473A-825B-3019-AF86-55F2F9A95FCB}" = Microsoft Visual Studio Tools for Applications 2012 Finalizer
"{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}" = HPLJDXPHelper
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}" = hpbDSService
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}" = hpStatusAlerts
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{668CC71A-C2AD-4D56-866D-CF300BD1D5BE}_is1" = Ontrack EasyRecovery Professional
"{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}" = Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7259BDDA-D888-309D-ADE1-84AA0CB24FE9}" = Microsoft Visual Studio Tools for Applications 2012 x86 托管支持 - 简体中文语言包
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials
"{82E7776B-E837-4584-BD0D-E2F54A0F6960}" = HP LaserJet Pro MFP M125-M126 HP Device Toolbox
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{859C7535-6862-3867-B97E-816795E8AB65}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 日本語 Language Pack
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{89ca2a32-2b52-4595-8dfd-6fe4757958d0}" = Microsoft Visual Studio Tools for Applications 2012
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5
"{8B79684C-6DAC-438C-8F30-10DF65C2068F}" = Samsung Digital Camera
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90160000-008C-0000-0000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component
"{90160000-008C-0405-0000-0000000FF1CE}" = Office 16 Click-to-Run Localization Component
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{955E1388-E1F1-320A-A018-24616ED60F95}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 한국어 언어 팩
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A0C3AE6-A6C3-46C4-95A5-E3745CCE3D57}" = hpbM126DSService
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}" = HPLJUTM125_126
"{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker
"{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie
"{A3EB1DE3-9D3F-34C2-BDE6-5A8A4B98CC37}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-1033-C470-7760-CE0000000001}" = Adobe Acrobat 6.0 CE Professional
"{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Samsung Master
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1CB7E99-4685-45CB-867E-2FB58EDA0A39}" = HP Unified IO
"{B2894225-82C7-4006-B243-6272589993B2}" = HPLJProMFPM125M126
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B8FD8F53-7E58-3DE5-A8FC-CB2B5CCF38CE}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{c65448bc-e467-4ec7-b4a5-246697f52957}" = HP LaserJet Pro MFP M125-M126
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CAAC553D-EE02-32D2-9F7E-FBC5C22E4C08}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket
"{CF06B8C4-F6FC-3A4B-ADD0-04A1CAC3DD86}" = Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support
"{D2437C5C-2D8C-40D2-8059-689AD7239FA3}" = Intel(R) C++ Redistributables for Windows* on Intel(R) 64
"{D98C0C51-F9BB-4EE4-B791-22BF6EE31029}" = Nero 7 Ultra Edition
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack
"{E2B086BD-75A9-45D1-A675-151624B259A1}" = Splashtop Connect for IE
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}" = LJDXPHelperUI
"{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EF25F71D-F3E8-42A3-8B5A-DBF83C4B942F}" = Splashtop Connect for Firefox
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F84EA1B1-5184-4145-B6E6-5E5D33D85FE4}" = HP LJ M125126 Scan HP Scan
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.18
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ACDSee" = ACDSee
"Adobe Flash Player ActiveX" = Adobe Flash Player 21 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 21 NPAPI
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Any Video Converter_is1" = Any Video Converter 2.6.7
"Ashampoo GetBack Photo_is1" = Ashampoo GetBack Photo v.1.0.1
"Audio Record Wizard" = Audio Record Wizard
"Avi to Dvd Free Converter_is1" = Avi to Dvd Free Converter v6.7.0.225
"AVS Video Editor_is1" = AVS Video Editor 6.5
"Easy Thumbnails_is1" = Easy Thumbnails (Remove only)
"ESET Online Scanner" = ESET Online Scanner v3
"ExpressBurn" = Express Burn Disc Burning Software
"FormatFactory" = FormatFactory 3.2.1.0
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 2.1.5.1212
"Google Chrome" = Google Chrome
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0402.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"Mozilla Firefox 45.0.1 (x86 cs)" = Mozilla Firefox 45.0.1 (x86 cs)
"Mozilla Thunderbird 38.6.0 (x86 cs)" = Mozilla Thunderbird 38.6.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3 Knife_is1" = Mp3 Knife 3.5
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PhotoShop Cs6 2015 PRO Cs6 2015" = PhotoShop Cs6 2015 PRO Cs6 2015
"Pin It_is1" = Pin It
"POP Peeper" = POP Peeper
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PSPad editor_is1" = PSPad editor
"QuickTime" = QuickTime
"RajcePhotoDownloader_is1" = RajcePhotoDownloader
"rajče.net_is1" = rajče průvodce verze 1.59.42.257
"Recordpad" = RecordPad Sound Recorder
"SSD Fresh_is1" = SSD Fresh
"Sweet Home 3D_is1" = Sweet Home 3D version 1.5.1
"TeamViewer 5" = TeamViewer 5
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"VideoPad" = VideoPad Video Editor
"WavePad" = WavePad Sound Editor
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"xampp" = XAMPP 1.8.1

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 22.3.2016 14:49:10 | Computer Name = Beda | Source = WinMgmt | ID = 10
Description =

Error - 23.3.2016 4:50:58 | Computer Name = Beda | Source = WinMgmt | ID = 10
Description =

Error - 23.3.2016 15:15:05 | Computer Name = Beda | Source = VSS | ID = 8194
Description =

Error - 23.3.2016 15:17:51 | Computer Name = Beda | Source = WinMgmt | ID = 10
Description =

Error - 23.3.2016 16:33:10 | Computer Name = Beda | Source = WinMgmt | ID = 10
Description =

Error - 24.3.2016 4:23:43 | Computer Name = Beda | Source = WinMgmt | ID = 10
Description =

Error - 24.3.2016 5:56:55 | Computer Name = Beda | Source = WinMgmt | ID = 10
Description =

Error - 24.3.2016 19:11:54 | Computer Name = Beda | Source = WinMgmt | ID = 10
Description =

Error - 25.3.2016 4:47:58 | Computer Name = Beda | Source = WinMgmt | ID = 10
Description =

Error - 25.3.2016 4:59:02 | Computer Name = Beda | Source = WinMgmt | ID = 10
Description =

Error - 25.3.2016 6:04:14 | Computer Name = Beda | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 25.3.2016 4:59:20 | Computer Name = Beda | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 25.3.2016 5:41:28 | Computer Name = Beda | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 25.3.2016 5:56:13 | Computer Name = Beda | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 25.3.2016 5:56:13 | Computer Name = Beda | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 25.3.2016 5:56:14 | Computer Name = Beda | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 25.3.2016 5:56:14 | Computer Name = Beda | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 25.3.2016 5:56:14 | Computer Name = Beda | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 25.3.2016 6:02:32 | Computer Name = Beda | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: BTHidMgr

Error - 25.3.2016 6:04:32 | Computer Name = Beda | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 25.3.2016 6:04:32 | Computer Name = Beda | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069


< End of report >

[Márty84]

Napiste mi velikost adresare plochy (C:\Users\Beda\Plocha)



Pozor na pouzivani TuneUp, umi to nadelat peknou paseku.



Vypnete antivir, at nebrani programu v praci.
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-332784963-1637011244-2087319766-1005\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2016.03.22 13:03:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[14 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ebe5c5d7f730b7b5a7fc15c0024591d0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ebe5c5d7f730b7b5a7fc15c0024591d0\*.tmp -> ]
[399 C:\Windows\System32\spool\PRINTERS\*.tmp files -> C:\Windows\System32\spool\PRINTERS\*.tmp -> ]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[MedaBeda]

--- adresář Plocha, nemýlím-li se, tak 14 541 kB

já tam mám nějaký TuneUp???


log je zde:


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Beda
->Temp folder emptied: 15154772 bytes
->Temporary Internet Files folder emptied: 35421683 bytes
->FireFox cache emptied: 78430206 bytes
->Google Chrome cache emptied: 40637726 bytes
->Flash cache emptied: 602 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Meda Beda
->Temp folder emptied: 0 bytes

User: oem
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 118582 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 162,00 mb


[EMPTYFLASH]

User: All Users

User: Beda
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Meda Beda

User: oem

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-332784963-1637011244-2087319766-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-332784963-1637011244-2087319766-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll moved successfully.
64bit-Registry value HKEY_USERS\S-1-5-21-332784963-1637011244-2087319766-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
File C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24A0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4604.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9032.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP975F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBB33.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD884.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEF8D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2AC7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5129.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP53AF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP664.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8ED6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCF13.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD1CF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD307.tmp\Microsoft.Build.Conversion.v3.5.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD307.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF3B0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFE6B.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\ebe5c5d7f730b7b5a7fc15c0024591d0\BITA015.tmp deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP021sdb_bz1p3st83mhpa3mbdd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP04yr_kx6_jza5w0grqmc59x6d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0app3_y8eoxdyhr5dd9ccdzo.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0ffve8ol3gw1wj7i_x90twa9d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0fvc__3gwi5o32i_bm2xuov6d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0gerj4hrozc81y81caf8thbqb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0hoxglnd6fu10qkogf_p3v0cb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0kfr8x8l_slikx08cnzhglc5.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0l9o3b67s0mma4_8vdirutmbd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0ld526i9z2dwpkrb6deuehz0c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0lds3wzs4nn1_0es0yzsm39ib.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0oaedb3pp_scnp4lfxboxsfdc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0rbeq9r4jlsy9yuyslo80sd5d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0spd6q0y8mybv4b7x5cgpxh7b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0u60ybcuj8cx_g1gff9xoc_ee.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1087ifpiefb54b48632duesj.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP10qcdoye1pu8injbbtci2y3x.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP12f7250kf0awz23pn2ke5zkrd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP18anv885he_q6wndlvjkf_i3c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1brk3hm_y0p9qfk5ke02hqt9b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1go0k_shf015rqvw4_b4_f_d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1hd2aoclut3x2vysp3j0qh87.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1hnlm_n183rq2j2jall319otc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1iwimj2ywlpmzqej5kv0dit_b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1jsda1r8ebs2j9x4m05o4gabc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1s4srh99z7bngdg_8n14t071c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1xyv42gqvjqem6pmqs2i7ktm.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1_dth2stxuwwi9i_ycpp3cxwc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1_zi2he4ngvpjoqi88jzq_ju.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2583yr22pajqjzkrlu9h213hd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP25nzrd50or1p52vrvztls571.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP289h0aqj9do6vy9oqignwehgd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2a8yn6v892glbundyqkjgprhc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2cybtzdq_rxh4npsk9fhm7h1b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2pji2apodvmuz6ggyqrhfkbgc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2q1xeeolnxk9gh67wp55p21pd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2w27kxas178jxssl338wwdnvc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2x4lu32qb_k93nisoahbvvyec.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP30x156hgfvcxh94nfwyqzu8fd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP37hg797cids36hs3u5g46axzd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP395dl60ce4usknorxb4wtum1b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3982wgkq692f0em4e2th2uioc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3f36dry7qvzxjp_751qpp9hj.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3h6muqx_krth1pjv0qhxjc0_b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3kcwecpci1zvqubwmv30x5_g.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3l5j40vwfd8p70jsp0t1kl_xc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3libuxvpe0mqhgicxsik1i37b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3sdrgk170l6izii2sctmfgbh.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3wlw7rooqixpretr5_jlggmvb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP42fblaccei9lysahtzlf6yr7d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4533vxfmt1s0tz6j6x8lbn0qc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP46svegy_hilxsk6hd3c5w8p2d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4c83upfcara6c9mv1g9c8y43d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4dn9uu5cj078ri5ki5mgto10c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4dy5gqvbr2j70hr6f4jksi9id.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4id6l409hjgl1gssqp50bkv4d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4kaww6dmn_092zyas1wdx5tdc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4l9pblekvz3g1bnupieigmmi.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4mipcr0aau80xl7qbo1_mvr0.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4o7q0k8t1d_c3jb38un8m54x.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4q4ooqqp5v85awnzvny76m23d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4qnenzn1dw8pv8muvl1_nkqcd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4qqu0rrxxh85kbgv__wtwcl4c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4r12ns_xan4wplkix712ffd6.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4s911jdj9a9fj_t2qdwn5_s_b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4u_m1eyf4p_je5x8q1b4_3ubc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4wedm71rnn4_8nbm44b22l_wd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4_bqj4soz402lj_fom57u78h.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4_c99mm4tq70ckqvfusi10m3b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP554mtwuiqka1qga4ah4pbglp.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP57ixewtvhzaclu0kk162wkyrb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5fnu0qkcl00h844eaz2lvthg.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5jkakpw1gq24fpjsasikcs28c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5l6f9fysmjd0c6wigeflp99td.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5v_e0rs4u7sdjd796vmd1tqp.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5w0ix3tvz036ey2vv7k0g172c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5yegcdm11brp_xdgxhnnteyf.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP60ibuuig9oyr0sw03w09rpu7c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP62fkdgc7lk1jzbcc2wsl9z46.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP6zdryfpguhfr_ib10h11h3dc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP71gp1ddvkqmbwtabge3om1gsb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP75qmdi2uonryor00oxyvfcc2c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP76b6dc0moqypg_6fy493efs9c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7b3iskvr11pvxfkoflk79d44d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7e33n_a3p0uge0nz8c_0veeqb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7gt3dsf0d206t0yl9s31jh0o.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7lr3y66qco7q8ormcv5m4i9wb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7mcegzvsxa_f3b4tvgae5cavb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7pp8yz8lj783w1b_bspbtdoud.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7utygo6b1n09k0syo2qsxk6vb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7xitrl0ykys6xr8rpwjon6fy.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP80txdikmhlxa6cb7t2p0m8vpb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP84xp98e_43twlhgughzvt0l4d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP87id00dk8s08v0yrf2rbwmb0b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8g1ty_1g00v81120lmypof4nb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8gmusfj3tozu76qi4uhkg_2td.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8k75dl7sals43nahqs3xcq9t.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8m160k_b00p960d5at8exjf0d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8on11phbh1_3khyl5ouzm6u7.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8t0lg884fg_h8d73o55ugimy.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8ugil23h4z0bqtgfsnw4x7sz.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8vsa0a0r1k4wi4ire2pn_jmo.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8w9e8x8uafz00kh3ibrypbqd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8yh42pxkjbuyyed0w0xzeslpd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP90tm1_6yng1xfjg6s2jd4n3kd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP93bkfuhbcp7m_0zxuta6ulzkd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9443ozy_mchev4gh333jptgsb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP98doow6x5mcmiz6km964qyzob.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP99r4nru50o4c4xe998x94q0kd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9axga4ml9r3aoc4iffnn3nyoc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9eezy027hjphj07y0_3ph0qlb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9hibbntbi27_thw0hhmq6b5xb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9lac0bcqozxmhg7lyqip2sgld.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9nfeojt1a2ip4njqc_cz1u8id.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9pfm131o1nf3hpl_728gpbh8b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9rbz7jar42sffswp2qevz_1wc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9uyjue969y2_o4jbkzhfo8xcc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9wh2j6dikbgcmw3f5_lb6vzr.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9x55xt8pyjezu6daro8_0u5pc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9y5wbmdc2cfgs0j4kmrl0lupd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9z5zsctnwoizuzv0ia9hov7m.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9_a72vp_4j3ygyug6q1me4adc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPa0tav9k3yb33dy89mak20m10d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPa34nbk6t3zvbfx621bm_vixfc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPaaemv29xdh7u1gg31ma7hh3ce.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPal05_bb_0eii90ri6mr8ii78b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPamdd9kbvi8ecm_q8l2mdc1sbc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPaq7j3x20wu5h4ko4jaqe_cxkd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPawf6strgu9sql2b769hri5mcc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPaw_zr0g30mqb_at_9v04q_mvc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPaz8xeiyafa0ipzbl_3qptxdtb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb76_w09ngiwuogoaiosuszy4c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb7gmm8c4wbqp9_ndl36gnfy0d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbb1mtd0x76md0cw2r5xu0zy2.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbocwbzhv8h0de41uqf3ed7opd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbs64u4g66344hg03ac91clbn.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbt7vwuyxi4z3b52y7q8fezt9d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPc60_nxo325gkyt3ca3mxfh99c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPc625c0q0twt_vf1507dn2xek.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPc6yvw99ph03ri32oo9j00owrd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPc8o2ie6tty0ane43t9j19ik_c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPca3_nifrx9tg387fafan4t0nc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcd4h_2dl58sv9xfykk0e9ejvb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPce49k3q3wz30r44t9g6ap0eld.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcf9cpe7ti55mf_bod19gxnl0.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcglxxwwx4d55ix86vexsq_xq.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcimbpf02yegji_g_shlb8bkfe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPco4necgzku0wdr1zfcoi7z2u.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcokodpeyutaowt0yqbfts2dyd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcp0laqq4mkmt2nglj0epoxvp.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcs0s439p1mk91iyclafvwo5lb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcsee49l0cy3rsfku9g2a3hy8.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcwzlknmmmjtxmviu5r7f3xl_c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcz1gwrvprrktudkw_anssdyy.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPd9bzs7jvncfwa9345e_i2906c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdc0w7jhl0taw389ybi5smkqid.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdc8zjd8bfmg23jl7iud9ybgbb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPddjyfj34s1re270fymy51idld.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdfst6jflssnc_e1rwlb00ekqb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdjn1fesojnqami81m0yohmpuc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPds7k0dhn7cg0mpesnjdkhzmcb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdsdr0_h00wy5dgtl3cl1xqiad.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdsv172c11uofowy30z98andkb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdvvrqgmfppzt4oxyyujcppcce.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdvxgtlg0myg_j12vuqqrtdwn.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdwl5b1hecwxp4mxsltaiqbtoc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPe127he9v5z1gii1g3f5ji4uce.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPe58e3nuoy0dn80fhcj0h86cud.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPe9oz567a3o666o97lk_yk833d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPeae8l_2ul0nr91w0po7w5bmsc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPef6uynvjskmtmwt3kum610nw.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPeiwtpx_2ewy00hprfryoe0iy.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPeizy7oxke6hup76_w0efc7m4b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPetijj6wtaw4qs2do4zj31bcb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPetonuc6vvz97vmum460ro_rq.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPeuyyyq16sz1m9i4vl5mor_nbb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPexlluz9ltt16t8x81di9xeq.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfa0oy0pm7sron9a3ypy5llus.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfdfkpfogtqwez01je1np0ihuc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPflvn84r3bkwsswbmzxm44fl8b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfm693d07qsua7nl74uqcxbspd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfmuram6jetqf6ejozjmx9txf.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfmxq92ji3de03m9qda5ki_fkb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfnnerj71rlsxgrfeyn5tfkdbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfuri5q3mjof68_p2ia8umzqzb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfvbcdos_g5mj5bphr3sf4l2dd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfwjm0y6j2oo0jxesfzvggs1pc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgabkvdpyvne05g5ebe5ta70md.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgbnga13icrymgy73w0hcxtjm.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgogf7icthufd7gmnuygk2dd1d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgrr1chhfkn7cvsos70xtb_eq.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgvvgbm51x3xqemfob8wmyg40.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgxitqyo3fb_b_33qubuzuzgid.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgxy605zdjrmoy07xglxtnxyjd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPh36w505sglm9399zgyyiutkxb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPh4g6pxvorq83503mw8qu313zc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhdlu300h_sg0yy2zhppebw0.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhjbxwde8qsk66osa3n7ynko7c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhkqotqxl5ffo54wu_deqkgqo.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhtn2n0z0hq3boig9sdi2jxslc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhuttjzpeplm527cmok15agoz.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhvxv831zkysxf9hg92shwvqed.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhxl6zhjpsxgebimnlo3wqbhw.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhztcike3ajx245il9ncikepm.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPh_hhtwyk2mrm0qlp21l3fbuuc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPi3t55gzf51400wfu_g0vc0lvc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPidffcmzpt8rq0w_xgrxgc2j4d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiebt1dk4f0fdc9w7w1ta8i4f.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPije3kv820234ud8rq890ur04b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPimmdupehs3rwq0emfpe0otixc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPirc180i_z1momc8owy0wra4pc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPis2pvqgneb40f9eg6_rkjfkce.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPisz4846mt1jf47sy2m4dauu2c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiw0l9tttsv02qv4l6wremi74.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPj7ygd3a0r0lidij0t5uf8can.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjf6x7m68jqaopy9m5ava4pgzd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjgnzi_xsks8ic1nkfwvpullod.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjhsdgwebxfgl5ya5kngbl40zb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjic0m_oa02muvfk47jat5ff8b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjks6cdfospc4sj0x692tn_p0c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjo3o2veoahughjf7guanaokob.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjs0a78v9qlqstf7cj856i_2qc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjuhb7b6me9tp792y0zten88qd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjuwyrzlb0zoyhbt4rmyher9h.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjwcaamdnm0wocs7ijtzr5z3_d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjxhtie6i3fkcwaw5nezh0lg1.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk0t96qjw5w113r8cvaigmf0cb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk47nqjyb8o94t0hgmikno3asb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk6_7j01sk_e9hyc8o_p7r4k5b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk8b1uo96tppoi4dgf4gz01v5.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPke2b06vxned58n1uj73b1o6wb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkiqsuwhy1tpwg0z7ijzgwd4eb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkk5iemz8pw_opixy8yhtkodhb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkkammkqb7vtjjn21avk73o3w.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkl_gpb0ihedxoqeiokgytzyae.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkoyuurepy5w5h139xp6xz1hgb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkr5s1_8p8cf7i0jdbte1lq01b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkupei2ps0bhjoqljnkqh_5dv.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPky04p4l67g3iu_py1b9038v9c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPl1ctfd5un6j7g6kjp3q6tflwd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPl5fywz2pg9ag2qp_d4zb4wfxb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPl8fx_irbl9mxs00nvkaoflbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPl95r1ykdz360nn1g1xb47arkb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlammbjtwd69gr5najyumo7ugd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlkvid6wb_gpw_xy1aiss_lkvc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlot_idzg27w25bcdltt8tsuae.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmfnkva8p2vadfd70f9knnhlnb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmh9cybrja9_hrgi2whoa8wjyc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmkyzb9gtifn_n6ehe42wfo19.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPml2dgxv23x8rx1w060ixhieyb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmlnqzd8dom01b74o61bqtzghd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmlouov50oghy0060gzbl574i.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmn03sibz09_9osnl51y2v4o6.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPn106oxqh0fk3g95e9wc9vg3yb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPn4d2_c87ut50ktak0kp8x9f5.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPnaedq52ysvnvss943e5x774kb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPno0e0h5u__oenj86ag2dfvtfd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPno79n2q3qvgiis0rath_rp57.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPns0r5bzefgik10deyvvke71xd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPnsmqotv5gt5zuujyac66wl9wc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPnt2j50hcjqtqe4o4n5hp52iee.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPnuza74g2gd5y6dym8bmatx4_.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPo0eo95snl5fm_s06vzvmuz1pc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPo1ygq_f3miul0kxcsmvfwl4m.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPo36t0cl7go1zjwhqdwmuqx1db.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPo80tv1bk_o_wbeyc0mgh050xc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPoar50ovr2kqidnzrx44ckva8.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPoc7qcciwlx87tg79nyzvj_4xb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPohhnjdsvvj8y2e7d5g01l5pmc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPohm0iicaadaezrfb628il89dd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPohyxyrhjd4d277ls1eh7tvxsd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPolsmw1rol55sjxectvjqbsptb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPosdm69na6ahvwgqjku09301pb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPowvhkk8a1ut_0hlnjub0_f0hb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPp08uz1zjks5n2nb6bzrxzlted.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPp1fx391duwcx7v7ba_cpz9p0c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPp1s_j092q4s2xsruladn81fi.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPp8mtzmoumeut0it9axn0zwi3b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpb10izhf9vvmzus92u269orod.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpd7t7kvevibw6h5ljh2tsf52c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpest1dvbz0mef3vippzj7clvc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpfq0r1g_ni69u649dqf41z4zb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpk047uj30ae585efuo9sb4zsd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpt_flojlnayu5idenl4atsj4d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpyz0b5cg90mike7tct32yr2ob.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpzjcmdkvskg9cfvrq026mhghd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPq6orgpmkd_yxk5r3ro8tczj9d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPq7x08mjcneg8xsfonhht9naoc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqn381rw8w9qq8a3b456iuz3qd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqr07rhj12wfi2wcsmzkkax4rc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqxm5yue50r1bqzxwdnvovjbfc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr1cbg8l37l64l418m0ja2jty.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr46sqpsbbb0yamcdq921yv3tc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr4c4bfy056m7sg36fuoo6jrtc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr8tcm37b7rv9d8qb0palx5be.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr90mx77_i5s8vu2_s4x07s3tb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrbaxph9u02ljkx5hd6vkssrqc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrdyfnuns0xgss2a05jxym1u1.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrd_mzy8jmepyyrwsienr4jaob.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrep_r2pi69tc3k_fzg9ktwbnd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrg2cxa0kdpmfub82dahn6tfrb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrh4ed4dcnx8zb6d03myd48wsb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrik2q7pkkqsj43bibhgkdjtyc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrkfp7bl0sb_bbjbgcoqri7o3d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PProhs6hylbit63wvb0n8umw00d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrps8uxzph381xk5sq0031j5lc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrq6n066om13g_5wa8ffiocscd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr_02a_3xkqylq_yj3x9aoh74.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs3_9s6equdy4zju0size1l08b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs4tjsqcbhguadcgj_nelz_sce.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs5na_r81v3elli60pcqqdkqid.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsbjz6az0p6gn0_iu13ui5f_7.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPscvudunalx_48b6v0q3dffq9c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsg__i_sgro54zn40gvvd0o_n.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsjan0dlca0bxq4l5e4gfaxkdc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsk93nyidlj5fpoph9bx6js9zc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsvbk27i145igm00_mg8b_8x_b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsz1kk20vj61_as3409zg9o0lb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs_sofxga7fdkbjgjtdc76lxtb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPt10vpl8rmmzzy5cft_ehx1ssb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPt1tafyjgsmacz1l1kpdv294ld.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPta40lv2oiaacsinx80sgards.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtdstvlqrtenb6b1jpz715a0md.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtj3or8i7161o3pw40cunixacb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtmuxafpzzfmrl1bqpainrcmpd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPt_cetf1zy_cbi6kc98j_kztxc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu260ikrgr28ejo04vv_f3nes.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu6zgsptbayv18kt_lvr4uxtub.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu7h9q0i_xp_n2wy8hs5wo1jxb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu812cokk9tj000musykgtpikc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu81h6lb4qkudk1i3_j5ssl3oc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPuhi_r2ajg6b4d_uudcepu9c4c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPuikhg9_qt0i035exx63cgdw_.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPujgpqjtaeljuz37_9u1f7089c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPujqcil0z19m38t3i1cevpxkhc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPujv0_yxblw930ors5tv49knud.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPukmvmf3fyql856_ksktwiqmf.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPum1uhep13_2rjctphtznhz_9.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPupmdk0ml82l0imgt258zfgmbd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPuwttjmiqmosbbdf7ftm7kmw7d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPuxaahyv42boc3y_iy7oz19wdb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPv0gym6zlwv7e6japomb3jg5vb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPv9zlf0a20zaqexopvlgg4pd0c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvd05_02uo03apj4akvuya_zfd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvflmbkkk2stjrd1t88ap96ym.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvgur97uxszjivrpkd0b75g5tc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvkzn99eoivb00pwo8f8z9nabb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvngk6yr8qu5gpbxweqentbcrb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvshmk0t_4kfpa6rqf_3smtw8d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPw0k0mdkjrxjjzkmth00ys2v0d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPw5eo8st20uzyspcn0f94bolub.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPw6023z6svc8pypl_4_315_jib.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwc5pbmc0wi8z498ndemztjwy.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwconz9lwoe30obkec9t0f12dc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwf5rdbp06qz50cbqehdjxat0d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwkyel0qn16fhos7e4rmyuopn.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwlnad1h1d3kmi7m7f6kkxzkcc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwm4inx9c2m1hie_0k4gvs7sk.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwocz_y0k0qs29ggwjop2xvn2d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwsfdkis610xxgwrzyl3ue3z2c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPw_uvze26jpmaawz3alxwt2b_d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPx94d5gr_w56pwnaw45vom5wgb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxbf9nliv6x7ej_ho4tg5vb9ib.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxcqrk0923d52w84vb2id69qbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxdjcq0ms4sypi_a1sey6ekgad.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxhytjqpfbpo5rq8uwau7098db.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxj8l4l8v1ahggc0y3iyjta8l.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxjuv0k5alcjt7f8n9j_eddaqc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxms0amdtg84en2h504bbecdu.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxm_ssc6ce9fs2tkehwvnje_hc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxnoikc5rg918ze2qnp0rm60yd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxp4kt0ehmjbm0hvmom1ss4sbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxwof51gy1txm7s_p4fm09ahfd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPy0z2_0us070wzb0_0gwp9ca8b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPy4kfa2kuhg41e0pubku_c58mc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPykecgp452qdopw9595kaz0gu.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPykhya9xwqmth9yq8e570v0whc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyneunvfr_9fxx0ofafzys1t3c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyz251p_tlbdgxd2kyhgw7y3kc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPz0h4twvc00vivotquyb45zlgb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPza40p98mb1puvu_hrgxaemrjb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzlci5f7fq4k0uq7pz7ru0vqib.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzo_2iex5x8403s4h5i6h8060c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzqrc7lni1vqccvt60osfsrm7d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzrft0lmm8j21qi4juev2tr41d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzxdosqg751_udlr80ripu5vv.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzxo05g6icsbx5su35jlro2udc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzzrubirlm9_nz10kb3xnry73.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_3b7tbu_w4g09tu0nktwbzwb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_hiigm0h0k2dxnka0gxm5x6wb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_k8zasir6x09u8_t0xrpf_znc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_kn_o4w640ko9x45sdw_kip7b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_lc5i8uxid80_1tnc3f9ll64c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_nzbvb464507e7f6uytfok6db.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_rp5bfoo0j3p04zb4f3h_o66.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_t22_mxg3o60cijlggnzr2n9b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_ts072tptc90tjllo4dtwvqtc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_z1dls2f60c4c2o9h2m2pz7.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP__xft98xs3uv_i2r7ttv4sfce.TMP deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 03252016_141213

Files\Folders moved on Reboot...
File\Folder C:\Users\Beda\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-382 not found!
C:\Users\Beda\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Beda\AppData\Local\Temp\~DF169A618AE588634A.TMP not found!
File\Folder C:\Users\Beda\AppData\Local\Temp\~DF66DFB9BE0F7A463C.TMP not found!
File\Folder C:\Users\Beda\AppData\Local\Temp\~DFBFF464A3C77469F5.TMP not found!
File\Folder C:\Users\Beda\AppData\Local\Temp\~DFD1AB3EBF6407E492.TMP not found!
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\4A72F430-B40C-4D36-A068-CE33ADA5ADF9.dat moved successfully.
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XBIH6G2L\rate[1].htm moved successfully.
File\Folder C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UUDTI51M\aae21b6e[1].htm not found!
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UUDTI51M\showad[1].htm moved successfully.
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UUDTI51M\TriviaSeznam-BoldItalic[1].woff moved successfully.
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UUDTI51M\TriviaSeznam-Italic[1].woff moved successfully.
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UUDTI51M\TriviaSeznam[1].eot moved successfully.
File\Folder C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UUDTI51M\viewforum[1].htm not found!
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SZQLZ0PU\OLffGBTaF0XFOW1gnuHF0dIh4imgI8P11RFo6YPCPC0[1].woff moved successfully.
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SZQLZ0PU\oOeFwZNlrTefzLYmlVV1UD8E0i7KZn-EPnyo3HZu7kw[1].woff moved successfully.
File\Folder C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QFEGXUZS\Pug[1].gif not found!
File\Folder C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QFEGXUZS\Pug[1].htm not found!
File\Folder C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QFEGXUZS\Pug[2].gif not found!
File\Folder C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QFEGXUZS\Pug[2].htm not found!
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABE70GC1\context[2].htm moved successfully.
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5BVAM1G5\context[2].htm moved successfully.
C:\Users\Beda\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\BEDA-20160325-1102.log moved successfully.
File\Folder C:\Windows\temp\officeclicktorun.exe_streamserver(201603251102269D4).log not found!
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

--- adresář Plocha, nemýlím-li se, tak 14 541 kB

já tam mám nějaký TuneUp???

Ano


Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada.

[MedaBeda]

ta defragmentace docela pěkně uvolnila místo na disku, to je fajn

počítač moc pěkně poslouchá, nejspíše je čisťounký jako dětská p*dýlka

takže opravdu MOC DĚKUJI

a asi to sem nepatří, ale co s tou prožluklou instalací, když mi (coby administrátorovi!!) napíše:
You don't have sufficient privileges to complete this installation for all users of the machine. Log on as administrator and then try this installation.

ale pokud neporadíte, pochopím to, tady se řeší zavirování

[Márty84]

počítač moc pěkně poslouchá, nejspíše je čisťounký jako dětská p*dýlka

To je Nemate zac!


S temi ucty je to zapeklite Dela to pri kazde instalaci, nebo jen u nekterych? Spoustite ty instalace jako spravce? Tedy kliknutim na ikonu pravym mysidlem a levym na Spustit jako spravce?