RTC video PnP listener - prosím o kontrolu logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

Uživatelský avatar
bbdra
Level 2.5
Level 2.5
Příspěvky: 373
Registrován: listopad 13
Pohlaví: Muž

Re: RTC video PnP listener - prosím o kontrolu logu

Příspěvekod bbdra » 13 čer 2017 11:55

All processes killed
========== OTL ==========
Process explorer.exe killed successfully!
No active process named firefox.exe was found!
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SlimDrivers deleted successfully.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
C:\WINDOWS2\Downloaded Program Files\wvc1dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
C:\WINDOWS2\assembly\Desktop.ini moved successfully.
File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
File EY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.
File EY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]\ not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Driver Booster Scheduler.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\WINDOWS2\System32\d3d9caps.dat moved successfully.
C:\WINDOWS\system32\drivers\utmymzq1.sys moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: 1234
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Adam
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Adam2
->Temp folder emptied: 44365818 bytes
->Temporary Internet Files folder emptied: 33237 bytes
->Google Chrome cache emptied: 95785391 bytes
->Flash cache emptied: 640 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.BBDRA2-3D0A5E7C
->Temp folder emptied: 92032 bytes
->Temporary Internet Files folder emptied: 49822 bytes

User: All Users

User: All Users.WINDOWS2

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User.WINDOWS2
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: znk
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 174895 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 134,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06132017_114848

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS2\temp\Perflib_Perfdata_e28.dat not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



Reklama
Uživatelský avatar
bbdra
Level 2.5
Level 2.5
Příspěvky: 373
Registrován: listopad 13
Pohlaví: Muž

Re: RTC video PnP listener - prosím o kontrolu logu

Příspěvekod bbdra » 13 čer 2017 12:12

SystemLook 30.07.11 by jpshortstuff
Log created at 11:57 on 13/06/2017 by Administrator
Administrator - Elevation successful

========== filefind ==========

Searching for "rtc.*"
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\RTC.der -ra---- 1098 bytes [06:50 19/09/2007] [06:50 19/09/2007] B07D6FE1DA7DEB076AFA8F991763EA85
C:\Program Files\Adobe\Reader 11.0\Reader\RTC.der --a---- 1098 bytes [18:43 23/09/2012] [18:43 23/09/2012] B07D6FE1DA7DEB076AFA8F991763EA85

========== dir ==========

RTC video PnP listener - Unable to find folder.

RTC - Unable to find folder.

========== filefind ==========

Searching for "*RTC*"
C:\Documents and Settings\1234\Local Settings\Data aplikací\Comodo\Chromodo\User Data\Default\Shortcuts --a---- 28672 bytes [13:51 10/03/2016] [19:38 03/11/2016] 28BF674FDC8DFB8F68B32DED6CA2AC0E
C:\Documents and Settings\1234\Local Settings\Data aplikací\Comodo\Chromodo\User Data\Default\Shortcuts-journal --a---- 0 bytes [13:51 10/03/2016] [19:38 03/11/2016] D41D8CD98F00B204E9800998ECF8427E
C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Shortcuts --a---- 20480 bytes [22:39 06/03/2016] [22:35 09/11/2016] 3E63C6D119E92738049D89613C06B1DE
C:\Documents and Settings\Adam\Data aplikací\Windows Desktop Search\WindowsDesktopShortcuts.ini --a---- 196 bytes [20:43 08/02/2016] [20:43 08/02/2016] D660216367402766CFAAC3C6D0D23BB1
C:\Documents and Settings\Adam\Local Settings\Data aplikací\COMODO\Chromodo\User Data\Default\Shortcuts --a---- 20480 bytes [11:17 31/01/2016] [12:17 04/11/2016] E7B8112E77071B8A3EAFFAEB1A7AEDF4
C:\Documents and Settings\Adam\Local Settings\Data aplikací\COMODO\Chromodo\User Data\Default\Shortcuts-journal --a---- 0 bytes [11:17 31/01/2016] [12:17 04/11/2016] D41D8CD98F00B204E9800998ECF8427E
C:\Documents and Settings\Adam\Local Settings\Data aplikací\COMODO\Dragon\User Data\Profile 1\Shortcuts --a---- 20480 bytes [21:38 23/10/2015] [21:39 23/10/2015] A4FFC074E2440DD847DFDDC661A05406
C:\Documents and Settings\Adam\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Shortcuts --a---- 20480 bytes [18:01 20/07/2015] [13:23 09/11/2016] 1582AE7518A8782177F38921C9BE0C18
C:\Documents and Settings\Adam\Plocha\složky\Hry\SPORE\Sporebin\SporeApp.exe - Shortcut.lnk --a---- 1393 bytes [21:32 08/08/2015] [13:26 30/06/2013] 4962BA44F094B733DA3404737F380AAC
C:\Documents and Settings\Adam2\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Shortcuts --a---- 28672 bytes [16:57 28/11/2016] [01:54 13/06/2017] 29244CDC6BB8ABEFDA4F1F18F17F0B56
C:\Documents and Settings\Adam2\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Shortcuts-journal --a---- 0 bytes [15:22 12/06/2017] [01:54 13/06/2017] D41D8CD98F00B204E9800998ECF8427E
C:\Documents and Settings\Adam2\Plocha\dst\mods\screecher\colour_cubes\ConvertCC.bat --a---- 92 bytes [17:25 01/04/2017] [10:48 15/10/2014] AF96C3A692353DFCAE1C1939FA360A24
C:\Documents and Settings\Adam2\Plocha\dst\mods\screecher\colour_cubes\ConvertCC.py --a---- 1392 bytes [17:25 01/04/2017] [10:48 15/10/2014] C59ABECFE512A1E994A8D1CD9D5655D8
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Comodo\Chromodo\User Data\Default\Shortcuts --a---- 20480 bytes [08:07 09/02/2016] [15:55 14/11/2016] A4FFC074E2440DD847DFDDC661A05406
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Comodo\Chromodo\User Data\Default\Shortcuts-journal --a---- 0 bytes [08:07 09/02/2016] [15:55 14/11/2016] D41D8CD98F00B204E9800998ECF8427E
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Shortcuts --a---- 20480 bytes [22:22 08/10/2015] [12:52 20/12/2015] 9A93E1E6306066ED58EEE70ADFCC28ED
C:\Documents and Settings\All Users\Data aplikací\StarStableOnline\Data\AncientTerracesDirtCol.pco --a---- 957 bytes [15:01 13/10/2015] [15:01 13/10/2015] AC0D74208F6CBDAB3F6CB6D289EC5DF4
C:\Documents and Settings\All Users\Data aplikací\StarStableOnline\Data\BunkerCorridorStartCol.pco --a---- 381 bytes [10:48 20/01/2016] [10:48 20/01/2016] 6CF533B56E72A40328F856F3E6F340DD
C:\Documents and Settings\All Users\Data aplikací\StarStableOnline\Data\BunkerCorridorTcross.pme --a---- 1074 bytes [10:09 21/01/2016] [10:09 21/01/2016] 34C31346297B7192231E87136EF844A2
C:\Documents and Settings\All Users\Data aplikací\StarStableOnline\Data\BunkerCorridorTcrossCol.pco --a---- 279 bytes [10:56 20/01/2016] [10:55 20/01/2016] BBA50DDAC5FCD76ED3B7DFD777E32D5F
C:\Documents and Settings\All Users\Data aplikací\StarStableOnline\Data\GenericGirl_v4_Hair_ShortCurly.pme --a---- 9424 bytes [08:42 25/05/2015] [08:42 25/05/2015] D2594DBFBE5389C4BB30F1B6C1B42DE4
C:\Documents and Settings\All Users\Data aplikací\StarStableOnline\Data\MysticValleyShortcut_Col.pco --a---- 1401 bytes [16:00 14/01/2013] [16:00 14/01/2013] 33A5E34D83DFDC2C6AADFBD1EDCD76C8
C:\Documents and Settings\All Users\Data aplikací\StarStableOnline\Data\MysticValleyShortcut_Mesh.pme --a---- 51833 bytes [12:03 14/01/2013] [12:03 14/01/2013] C57C8E1420BDFBFF4BB625D3F789A90D
C:\Documents and Settings\All Users\Data aplikací\StarStableOnline\Data\SHBridgePartC.pme --a---- 1538 bytes [14:30 29/03/2016] [14:30 29/03/2016] F79EA93B10EAE9D44C66184F5DC4F3C4
C:\Documents and Settings\All Users\Data aplikací\StarStableOnline\Data\SHBridgePartCCol.pco --a---- 174 bytes [14:31 29/03/2016] [14:31 29/03/2016] 6BD8C31D6F8D3D211402C35FEB596999
C:\Documents and Settings\All Users\Data aplikací\StarStableOnline\Data\StartCar.pso --a---- 320702 bytes [18:46 19/01/2011] [18:46 19/01/2011] 1F240A31B42B2FE40CC449B9F1F4EEFB
C:\Documents and Settings\znk\Local Settings\Data aplikací\Comodo\Chromodo\User Data\Default\Shortcuts --a---- 20480 bytes [13:23 06/02/2016] [22:17 09/02/2016] 2854BE62BBB0600ACF8811FEB428A9E9
C:\Documents and Settings\znk\Local Settings\Data aplikací\Comodo\Chromodo\User Data\Default\Shortcuts-journal --a---- 0 bytes [13:23 06/02/2016] [22:17 09/02/2016] D41D8CD98F00B204E9800998ECF8427E
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\lobby\cybersport\cybersportclubslistview.pyc --a---- 15959 bytes [13:47 20/08/2016] [14:33 13/07/2016] F1825910404061B8BFFBC5C55D3B00B0
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\lobby\fortifications\fortcalendarwindow.pyc --a---- 11642 bytes [13:47 20/08/2016] [14:33 13/07/2016] 88C171BE1189A51C108D0C8854ADD251
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\lobby\fortifications\fortchoicedivisionwindow.pyc --a---- 6710 bytes [13:47 20/08/2016] [14:33 13/07/2016] B121696AA62053A2B9196511D352DB59
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\lobby\fortifications\fortclanbattleroom.pyc --a---- 21307 bytes [13:47 20/08/2016] [14:33 13/07/2016] 128CD98CEEB8D8A2425D719776F994DC
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\lobby\fortifications\fortclanlistwindow.pyc --a---- 6530 bytes [13:47 20/08/2016] [14:33 13/07/2016] D0EB6EED0A58DD5687EA110BA0BB08DC
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\lobby\fortifications\fortclanstatisticsdata.pyc --a---- 9342 bytes [13:47 20/08/2016] [14:33 13/07/2016] 5F61272E6E3C1A371D4D2E12A86A8C23
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\lobby\fortifications\fortclanstatisticswindow.pyc --a---- 1977 bytes [13:47 20/08/2016] [14:33 13/07/2016] DFEB9CE411A817253EBA51C9DF383D8C
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\lobby\fortifications\fortcombatreservesintrowindow.pyc --a---- 2029 bytes [13:47 20/08/2016] [14:33 13/07/2016] 837731CD1A16459329F58B741700C0BC
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\lobby\fortifications\fortcontextmenuhandler.pyc --a---- 5306 bytes [13:47 20/08/2016] [14:33 13/07/2016] 0C073B2DF858927D4716056A05395795
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\lobby\fortifications\fortcreatedirectionwindow.pyc --a---- 8638 bytes [13:47 20/08/2016] [14:33 13/07/2016] 0338BB93D92B402AAA4F7D9C8A222DF5
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\lobby\fortifications\fortcreationcongratulationswindow.pyc --a---- 2610 bytes [13:47 20/08/2016] [14:33 13/07/2016] 49E6C439A0C408AD4ED9A6E0002F234D
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\lobby\fortifications\forttransportconfirmationwindow.pyc --a---- 8724 bytes [13:47 20/08/2016] [14:33 13/07/2016] 25987F07260EFA6294B332F93BBEF4B8
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\meta\fortcalendarwindowmeta.pyc --a---- 1014 bytes [12:36 15/10/2016] [11:51 28/09/2016] 43043303C1DAD2ED471F02A1036B987A
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\meta\fortchoicedivisionwindowmeta.pyc --a---- 1468 bytes [12:36 15/10/2016] [11:51 28/09/2016] 5EF78BB89C697B3A254895E18D4F96E5
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\meta\fortclanbattlelistmeta.pyc --a---- 1264 bytes [12:36 15/10/2016] [11:51 28/09/2016] 34531BAB33C43204382A193CECBBD5F0
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\meta\fortclanbattleroommeta.pyc --a---- 2920 bytes [12:36 15/10/2016] [11:51 28/09/2016] 581ED7450024D22539298453190EF53C
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\meta\fortclanlistwindowmeta.pyc --a---- 988 bytes [12:36 15/10/2016] [11:51 28/09/2016] D73E4D78BC7E542CEBFEA66C998F24B7
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\meta\fortclanstatisticswindowmeta.pyc --a---- 1003 bytes [12:36 15/10/2016] [11:51 28/09/2016] 9B0E8E71DDCD2742F8354826036BD956
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\meta\fortcombatreservesintrometa.pyc --a---- 1009 bytes [12:36 15/10/2016] [11:51 28/09/2016] 13C2A1682BA390065B9DE031C4CD0D18
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\meta\fortcreatedirectionwindowmeta.pyc --a---- 1944 bytes [12:36 15/10/2016] [11:51 28/09/2016] 7715EDE80047B870B6C1E0DA36CBF341
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\meta\fortcreationcongratulationswindowmeta.pyc --a---- 1749 bytes [12:36 15/10/2016] [11:51 28/09/2016] FB306D17F46C04E7AE9E53ABD2AB1063
C:\Games\World_of_Tanks\res\scripts\client\gui\scaleform\daapi\view\meta\forttransportconfirmationwindowmeta.pyc --a---- 2341 bytes [12:36 15/10/2016] [11:51 28/09/2016] 31F50DA08B6F622982FBC4DC62E15864
C:\Games\World_of_Tanks\res\scripts\client\notification\alertcontroller.pyc --a---- 1445 bytes [13:48 20/08/2016] [14:33 13/07/2016] 894DB42D7C0AE7F3C5D380B0C6C7CF47
C:\Games\World_of_Tanks\res\scripts\entity_defs\interfaces\accountfortconnector.def --a---- 956 bytes [13:49 20/08/2016] [14:33 13/07/2016] A12C973737DB6E8A29857254539CAA0A
C:\Image-Line(old)\FL Studio 12\Data\Patches\Plugin presets\Generators\Sytrus\Pad\Oort cloud.fst --a---- 1440 bytes [12:55 16/05/2015] [09:47 11/03/2015] A599038CC146EE950A469ECB5D3CC560
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\RTC.der -ra---- 1098 bytes [06:50 19/09/2007] [06:50 19/09/2007] B07D6FE1DA7DEB076AFA8F991763EA85
C:\Program Files\Adobe\Reader 11.0\Reader\RTC.der --a---- 1098 bytes [18:43 23/09/2012] [18:43 23/09/2012] B07D6FE1DA7DEB076AFA8F991763EA85
C:\Program Files\Audacity\help\manual\m\images\5\57\playstartcursor.png --a---- 2940 bytes [12:06 10/04/2016] [15:08 23/03/2015] 54FD32253CFECE56885DA034627190FA
C:\Program Files\Audacity\help\manual\man\keyboard_shortcut_reference.html --a---- 62674 bytes [12:07 10/04/2016] [15:08 23/03/2015] EF472F6789C3C4CEDCDFC4329F63F609
C:\Program Files\Common Files\Adobe\Help\de_DE\Acrobat Pro\9.0\images\A_ImportCertificate_Lg_N.png --a---- 1080 bytes [04:16 22/05/2008] [04:16 22/05/2008] 0ADFBD56E6D8ED69149BF5A4FE7AAE72
C:\Program Files\Common Files\Adobe\Help\en_US\Acrobat Pro\9.0\images\A_ImportCertificate_Lg_N.png -ra---- 1080 bytes [09:00 14/05/2008] [09:00 14/05/2008] 0ADFBD56E6D8ED69149BF5A4FE7AAE72
C:\Program Files\Common Files\Adobe\Help\fr_FR\Acrobat Pro\9.0\images\A_ImportCertificate_Lg_N.png --a---- 1080 bytes [02:06 22/05/2008] [02:06 22/05/2008] 0ADFBD56E6D8ED69149BF5A4FE7AAE72
C:\Program Files\Comodo\Chromodo\User Data\Default\Shortcuts --a---- 20480 bytes [13:12 17/11/2016] [12:34 22/01/2017] 50FF4FB7D84108E6F65C7D8C7BEB124C
C:\Program Files\Comodo\Chromodo\User Data\Default\Shortcuts-journal --a---- 0 bytes [13:12 17/11/2016] [12:34 22/01/2017] D41D8CD98F00B204E9800998ECF8427E
C:\Program Files\Comodo\Chromodo\User Data\Profile 1\Shortcuts --a---- 20480 bytes [12:34 22/01/2017] [22:48 26/04/2017] C088C3FEF387C79AF4F4EA61258AC540
C:\Program Files\Comodo\Chromodo\User Data\Profile 1\Shortcuts-journal --a---- 0 bytes [12:34 22/01/2017] [22:48 26/04/2017] D41D8CD98F00B204E9800998ECF8427E
C:\Program Files\Google\Google Earth\client\IGExportCommon.dll --a---- 726016 bytes [22:00 20/05/2015] [22:00 20/05/2015] A73411E4E44EB1E149DBE8FE608CCA6E
C:\Program Files\Google\Google Earth\plugin\IGExportCommon.dll --a---- 726016 bytes [22:00 20/05/2015] [22:00 20/05/2015] A73411E4E44EB1E149DBE8FE608CCA6E
C:\Program Files\Image-Line\FL Studio 123\Data\Patches\Plugin presets\Generators\Sytrus\Pad\Oort cloud.fst --a---- 1440 bytes [09:47 11/03/2015] [09:47 11/03/2015] A599038CC146EE950A469ECB5D3CC560
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\skin\resources\cs\locs\shortcuts.lt --a---- 1446 bytes [10:21 06/12/2015] [10:21 06/12/2015] C3136C9DA01B6CC0CF870DE6D1067747
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\skin\resources\neutral\locs\shortcuts.lt --a---- 1293 bytes [10:21 06/12/2015] [10:21 06/12/2015] 8DCB109F5D6DC6A97B9D7D7534C4BB4B
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\skin\resources\en\locs\shortcuts.lt --a---- 1615 bytes [23:52 15/03/2017] [23:52 15/03/2017] 98D5D07023F320B3FFCCA5C96E8874C0
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\skin\resources\neutral\locs\shortcuts.lt --a---- 1615 bytes [23:52 15/03/2017] [23:52 15/03/2017] 98D5D07023F320B3FFCCA5C96E8874C0
C:\Program Files\MAGIX\Video easy 5 HD\Bitmaps\CommercialStartCursor.bmp --a---- 488 bytes [14:46 05/02/2009] [14:46 05/02/2009] 939BE33023E105220F9D544237B0AAAF
C:\Program Files\MAGIX\Video easy 5 HD\Bitmaps\StartCursor.bmp --a---- 2504 bytes [08:29 16/03/2011] [08:29 16/03/2011] 38F8C6FEE02977589CD60B37CF8557B5
C:\Program Files\Microsoft Visual Studio\Common\Graphics\Metafile\Arrows\VRTCIRAR.WMF --a---- 2454 bytes [23:00 23/04/1998] [23:00 23/04/1998] F62F210DAC6A9E6C399ACDA4E602002F
C:\Program Files\Microsoft Visual Studio\Common\Graphics\Metafile\Arrows\VRTCURAR.WMF --a---- 2774 bytes [23:00 23/04/1998] [23:00 23/04/1998] 33E3C7AB190368F2825AD690B5D2DE3B
C:\Program Files\Microsoft Visual Studio\VC98\Include\CERTCLI.H --a---- 26979 bytes [23:00 23/04/1998] [23:00 23/04/1998] 53201A8E7F66C9E64E31FCFB7239DCBA
C:\Program Files\Microsoft Visual Studio\VC98\Lib\CERTCLI.TLB --a---- 3672 bytes [23:00 12/05/1998] [23:00 12/05/1998] B15DFDF424128D9FF82EBF40C16919EC
C:\Program Files\OpenOffice 4\program\chartcontroller.dll --a---- 1839616 bytes [11:05 29/09/2016] [12:42 10/06/2017] 96407A4DA360940EA9360B74AAA4F1DE
C:\Program Files\OpenOffice 4\program\resource\chartcontrollercs.res --a---- 67988 bytes [08:34 29/09/2016] [08:34 29/09/2016] C2FDBC383859B093258D2D5B8335CE91
C:\Program Files\OpenOffice 4\share\config\soffice.cfg\modules\BasicIDE\toolbar\insertcontrolsbar.xml --a---- 3518 bytes [21:07 05/09/2016] [21:07 05/09/2016] 2D4A317274C4CFADF5E1CA8296FD7A99
C:\Program Files\OpenOffice 4\share\config\soffice.cfg\modules\dbreport\toolbar\reportcontrols.xml --a---- 2212 bytes [20:34 05/09/2016] [20:34 05/09/2016] C5E81AE990AE54677AE19F4977EBF14D
C:\Program Files\OpenOffice 4\share\config\soffice.cfg\modules\scalc\toolbar\insertcellsbar.xml --a---- 1453 bytes [20:46 05/09/2016] [20:46 05/09/2016] 198031BDE1D69A9853F6DE3B5EAC689B
C:\Program Files\Sophos\Sophos Virus Removal Tool\SVRTcli.exe --a---- 207864 bytes [09:39 22/05/2017] [09:39 22/05/2017] DD9693ADAA93129C789E35F6954D69E6
C:\Program Files\Star Stable Online\Data\AncientTerracesDirtCol.pco --a---- 957 bytes [16:01 13/10/2015] [16:01 13/10/2015] 713313F649DA164523769A841DBF43A3
C:\Program Files\Star Stable Online\Data\BunkerCorridorStartCol.pco --a---- 381 bytes [11:48 20/01/2016] [11:48 20/01/2016] 4F360ADE390C4DA92886836839264266
C:\Program Files\Star Stable Online\Data\BunkerCorridorTcross.pme --a---- 1074 bytes [11:09 21/01/2016] [11:09 21/01/2016] 34C31346297B7192231E87136EF844A2
C:\Program Files\Star Stable Online\Data\BunkerCorridorTcrossCol.pco --a---- 279 bytes [11:56 20/01/2016] [11:56 20/01/2016] 928288440EE4E27E9B576A9F08F7F074
C:\Program Files\Star Stable Online\Data\GenericGirl_v4_Hair_ShortCurly.pme --a---- 9424 bytes [09:42 25/05/2015] [09:42 25/05/2015] D2594DBFBE5389C4BB30F1B6C1B42DE4
C:\Program Files\Star Stable Online\Data\HarborWareHouse4PortCol.pco --a---- 1431 bytes [09:33 16/12/2016] [09:33 16/12/2016] D659986111338E6A2E270200C4A34A16
C:\Program Files\Star Stable Online\Data\MysticValleyShortcut_Col.pco --a---- 1401 bytes [17:00 14/01/2013] [17:00 14/01/2013] B35935AC7E7A8DB1F0A769EADB518584
C:\Program Files\Star Stable Online\Data\MysticValleyShortcut_Mesh.pme --a---- 51833 bytes [13:03 14/01/2013] [13:03 14/01/2013] C57C8E1420BDFBFF4BB625D3F789A90D
C:\Program Files\Star Stable Online\Data\SHBridgePartC.pme --a---- 1538 bytes [15:30 29/03/2016] [15:30 29/03/2016] F79EA93B10EAE9D44C66184F5DC4F3C4
C:\Program Files\Star Stable Online\Data\SHBridgePartCCol.pco --a---- 174 bytes [15:31 29/03/2016] [15:31 29/03/2016] 9A85EEFF0E2D7D7ED80E9CE42BEBD566
C:\Program Files\Star Stable Online\Data\StartCar.pso --a---- 96 bytes [19:46 19/01/2011] [19:46 19/01/2011] 37D39D35ADBD9C6C6BF5DE0BCB13A5F2
C:\WINDOWS\inf\certclas.inf --a---- 4374 bytes [12:00 25/10/2001] [12:00 25/10/2001] 555198D5DAF738FFD4079EAE7BCEE5EC
C:\WINDOWS\inf\certclas.PNF --a---- 7800 bytes [22:13 30/04/2015] [20:54 30/04/2015] EA239C7C751F7861B6040C6676E7C6CB
C:\WINDOWS\inf\smartcrd.inf --a---- 47448 bytes [13:46 17/08/2004] [13:46 17/08/2004] A31264E7C53473B79A253CF34F8E1DBE
C:\WINDOWS\inf\smartcrd.PNF --a---- 36444 bytes [22:13 30/04/2015] [02:49 14/11/2016] C276B9B60B8CD0FA83D6B9A15C897423
C:\WINDOWS\Installer\{6C00A86A-E405-4AF8-9581-78F6E620602C}\DesktopShortcut_CF4C0773CD7F4E4BA9126F1114E3A2E4.exe -ra---- 94208 bytes [22:45 06/03/2016] [12:07 11/03/2016] 57AB622453454E56DCE9078ADAE6A83C
C:\WINDOWS\Installer\{6C00A86A-E405-4AF8-9581-78F6E620602C}\StartMenuShortcut_AD94D683E81E431EA13581E1168DEA8C.exe -ra---- 94208 bytes [22:45 06/03/2016] [12:07 11/03/2016] 57AB622453454E56DCE9078ADAE6A83C
C:\WINDOWS\Installer\{85CB7BCF-958D-4B9E-8373-AE4D2C9FB324}\NewShortcut21_339C927BB4B547F9804FDF51F01D2D57.exe -ra---- 267648 bytes [13:11 11/03/2016] [16:03 11/03/2016] C37B38E2F72F473E469661B1134B83F3
C:\WINDOWS\Installer\{9F4940B4-F074-487C-AE47-4A03C80AB8A1}\NewShortcut21_339C927BB4B547F9804FDF51F01D2D57.exe -ra---- 71040 bytes [12:35 11/03/2016] [15:51 11/03/2016] 86AE4DCE5CBEDEF793C99E7B4842CAE4
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1029\ConfigShortcut.txt --a---- 38 bytes [00:40 03/07/2002] [00:40 03/07/2002] 3218986BE2D4D337E075AE03CCEB9766
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1029\WizardsShortcut.txt --a---- 38 bytes [00:40 03/07/2002] [00:40 03/07/2002] 3218986BE2D4D337E075AE03CCEB9766
C:\WINDOWS\system32\certcli.dll --a---- 196096 bytes [13:49 17/08/2004] [13:49 17/08/2004] 3067A1DF068DCEE90922590EDD24F12F
C:\WINDOWS\system32\rtcshare.exe --a---- 77312 bytes [13:49 17/08/2004] [13:49 17/08/2004] 97422720448CFD8FD01F50755424E322
C:\WINDOWS\system32\dllcache\certcli.dll --a--c- 196096 bytes [13:49 17/08/2004] [13:49 17/08/2004] 3067A1DF068DCEE90922590EDD24F12F
C:\WINDOWS\system32\dllcache\rtcshare.exe --a--c- 77312 bytes [13:49 17/08/2004] [13:49 17/08/2004] 97422720448CFD8FD01F50755424E322
C:\WINDOWS\system32\drivers\portcls.sys --a---- 145792 bytes [23:15 03/08/2004] [13:57 17/08/2004] 5B0F00E43A7094C0B7E433CB42C79164
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95.cat -ra---- 7429 bytes [08:54 14/04/2008] [14:36 17/08/2004] E7BD5426FFD290C18F9AE2DDE493EC35
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95.Manifest --a---- 1177 bytes [22:13 30/04/2015] [02:48 14/11/2016] 7ECB3D43FA4BF3289D1E728BFEAA700B
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9.cat -ra---- 7429 bytes [08:54 14/04/2008] [14:36 17/08/2004] 931CC30ED3D2677ADA2CF61323F7E6F8
C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9.Manifest --a---- 460 bytes [22:13 30/04/2015] [02:48 14/11/2016] 2BC04F942012539F7EC86940BCCA4B1A
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll -ra---- 992256 bytes [07:36 14/04/2008] [13:48 17/08/2004] 026DB0D3D04DB1500DB186281F1FDA52
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9\rtcres.dll -ra---- 134656 bytes [07:02 14/04/2008] [13:48 17/08/2004] C58D37499AAF30BC1E85AF097D3CC3CF
C:\WINDOWS2\$NtServicePackUninstall$\certcli.dll -----c- 196096 bytes [13:21 17/11/2016] [13:49 17/08/2004] 3067A1DF068DCEE90922590EDD24F12F
C:\WINDOWS2\$NtServicePackUninstall$\rtcshare.exe -----c- 77312 bytes [13:21 17/11/2016] [13:49 17/08/2004] 97422720448CFD8FD01F50755424E322
C:\WINDOWS2\$NtServicePackUninstall$\smartcrd.inf -----c- 47448 bytes [13:22 17/11/2016] [13:46 17/08/2004] A31264E7C53473B79A253CF34F8E1DBE
C:\WINDOWS2\inf\certclas.inf --a---- 4374 bytes [12:00 25/10/2001] [12:00 25/10/2001] 555198D5DAF738FFD4079EAE7BCEE5EC
C:\WINDOWS2\inf\certclas.PNF --a---- 7800 bytes [13:18 17/11/2016] [13:11 17/11/2016] DB300301E13BACB63215F2DD4F5FD094
C:\WINDOWS2\inf\smartcrd.inf --a---- 47448 bytes [13:46 17/08/2004] [07:12 14/04/2008] F55090BA0A6AE65837858C9C5C0C484E
C:\WINDOWS2\inf\smartcrd.PNF --a---- 36460 bytes [13:19 17/11/2016] [13:42 17/11/2016] C443FD689DF64F32B49DA026CDCE3B37
C:\WINDOWS2\Installer\{7ADEEB5D-F09B-1063-C9C5-94B2A5DF6C8B}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe -ra---- 88102 bytes [14:31 17/11/2016] [14:31 17/11/2016] 6F30B650D70EEDF9A29DB651ED42A156
C:\WINDOWS2\Installer\{7ADEEB5D-F09B-1063-C9C5-94B2A5DF6C8B}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe -ra---- 88102 bytes [14:31 17/11/2016] [14:31 17/11/2016] 6F30B650D70EEDF9A29DB651ED42A156
C:\WINDOWS2\Installer\{7ADEEB5D-F09B-1063-C9C5-94B2A5DF6C8B}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe -ra---- 88102 bytes [14:31 17/11/2016] [14:31 17/11/2016] 6F30B650D70EEDF9A29DB651ED42A156
C:\WINDOWS2\Installer\{7ADEEB5D-F09B-1063-C9C5-94B2A5DF6C8B}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe -ra---- 88102 bytes [14:31 17/11/2016] [14:31 17/11/2016] 6F30B650D70EEDF9A29DB651ED42A156
C:\WINDOWS2\ServicePackFiles\i386\certcli.dll ------- 196096 bytes [13:33 17/11/2016] [07:51 14/04/2008] 7BF2BC7728F77838E195743E76727F7B
C:\WINDOWS2\ServicePackFiles\i386\portcls.sys ------- 146048 bytes [13:32 17/11/2016] [23:49 13/04/2008] E82A496C3961EFC6828B508C310CE98F
C:\WINDOWS2\ServicePackFiles\i386\rtcshare.exe ------- 77312 bytes [13:33 17/11/2016] [07:52 14/04/2008] B43115CF2531FCB5A65DD0A7BD4FEA64
C:\WINDOWS2\ServicePackFiles\i386\smartcrd.inf ------- 47448 bytes [13:33 17/11/2016] [07:12 14/04/2008] F55090BA0A6AE65837858C9C5C0C484E
C:\WINDOWS2\system32\certcli.dll --a---- 196096 bytes [13:49 17/08/2004] [07:51 14/04/2008] 7BF2BC7728F77838E195743E76727F7B
C:\WINDOWS2\system32\rtcshare.exe --a---- 77312 bytes [13:49 17/08/2004] [07:52 14/04/2008] B43115CF2531FCB5A65DD0A7BD4FEA64
C:\WINDOWS2\system32\dllcache\portcls.sys --a--c- 146048 bytes [14:47 17/11/2016] [23:49 13/04/2008] E82A496C3961EFC6828B508C310CE98F
C:\WINDOWS2\system32\drivers\portcls.sys --a---- 146048 bytes [14:47 17/11/2016] [23:49 13/04/2008] E82A496C3961EFC6828B508C310CE98F
C:\WINDOWS2\system32\ReinstallBackups\0010\DriverFiles\i386\portcls.sys --a---- 146048 bytes [18:58 20/11/2016] [23:49 13/04/2008] E82A496C3961EFC6828B508C310CE98F
C:\WINDOWS2\system32\ReinstallBackups\0012\DriverFiles\i386\portcls.sys --a---- 146048 bytes [18:59 20/11/2016] [23:49 13/04/2008] E82A496C3961EFC6828B508C310CE98F
C:\WINDOWS2\system32\ReinstallBackups\0013\DriverFiles\i386\portcls.sys --a---- 146048 bytes [19:01 20/11/2016] [23:49 13/04/2008] E82A496C3961EFC6828B508C310CE98F
C:\WINDOWS2\system32\ReinstallBackups\0014\DriverFiles\i386\portcls.sys --a---- 146048 bytes [19:02 20/11/2016] [23:49 13/04/2008] E82A496C3961EFC6828B508C310CE98F
C:\WINDOWS2\system32\ReinstallBackups\0015\DriverFiles\i386\portcls.sys --a---- 146048 bytes [19:03 20/11/2016] [23:49 13/04/2008] E82A496C3961EFC6828B508C310CE98F
C:\WINDOWS2\WinSxS\Manifests\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95.cat --a---- 10678 bytes [08:54 14/04/2008] [08:54 14/04/2008] DF3B98565A4D0BECFD4E072239B58DE3
C:\WINDOWS2\WinSxS\Manifests\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95.Manifest --a---- 1187 bytes [13:18 17/11/2016] [13:34 17/11/2016] 56C09181D4A8B7462CCB82691E533441
C:\WINDOWS2\WinSxS\Manifests\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9.cat --a---- 10678 bytes [08:54 14/04/2008] [08:54 14/04/2008] 237664C749B2C727DC2E60EF3F9C36CC
C:\WINDOWS2\WinSxS\Manifests\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9.Manifest --a---- 460 bytes [13:18 17/11/2016] [13:34 17/11/2016] FF1E6835AF51D842006A60E16B65E387
C:\WINDOWS2\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll --a---- 992256 bytes [07:36 14/04/2008] [07:36 14/04/2008] 54AD537C1E44E252901EBF29524593C8
C:\WINDOWS2\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9\rtcres.dll --a---- 134656 bytes [07:02 14/04/2008] [07:02 14/04/2008] 467ED278AFF764D75D12A06267F47890

========== folderfind ==========

Searching for "*RTC*"
C:\Documents and Settings\1234\Data aplikací\IObit\Advanced SystemCare\Startup Manager\Shortcut d------ [22:53 06/03/2016]
C:\Documents and Settings\1234\Data aplikací\IObit\Advanced SystemCare\Startup Manager\ShortcutPublic d------ [22:53 06/03/2016]
C:\Documents and Settings\Adam\Data aplikací\IObit\Advanced SystemCare\Startup Manager\Shortcut d------ [06:42 15/10/2015]
C:\Documents and Settings\Adam\Data aplikací\IObit\Advanced SystemCare\Startup Manager\ShortcutPublic d------ [06:42 15/10/2015]
C:\Documents and Settings\Adam\Data aplikací\IObit\Advanced SystemCare Beta\Startup Manager\Shortcut d------ [22:49 08/10/2015]
C:\Documents and Settings\Adam\Data aplikací\IObit\Advanced SystemCare Beta\Startup Manager\ShortcutPublic d------ [22:49 08/10/2015]
C:\Documents and Settings\Adam\Data aplikací\IObit\Advanced SystemCare V8\Startup Manager\Shortcut d------ [20:38 01/05/2015]
C:\Documents and Settings\Adam\Data aplikací\IObit\Advanced SystemCare V8\Startup Manager\ShortcutPublic d------ [20:38 01/05/2015]
C:\Documents and Settings\Adam\Data aplikací\IObit\Startup Manager\Shortcut d------ [10:47 05/11/2015]
C:\Documents and Settings\Adam\Data aplikací\IObit\Startup Manager\ShortcutPublic d------ [10:47 05/11/2015]
C:\Documents and Settings\Administrator\Data aplikací\IObit\Advanced SystemCare\Startup Manager\Shortcut d------ [14:19 10/11/2015]
C:\Documents and Settings\Administrator\Data aplikací\IObit\Advanced SystemCare\Startup Manager\ShortcutPublic d------ [14:19 10/11/2015]
C:\Documents and Settings\znk\Data aplikací\IObit\Advanced SystemCare\Startup Manager\Shortcut d------ [11:20 10/02/2016]
C:\Documents and Settings\znk\Data aplikací\IObit\Advanced SystemCare\Startup Manager\ShortcutPublic d------ [11:20 10/02/2016]
C:\Image-Line(old)\FL Studio 12\Data\Patches\Plugin presets\Generators\Fruity Envelope Controller\Smart controls d------ [12:55 16/05/2015]
C:\Program Files\Image-Line\FL Studio 123\Data\Patches\Plugin presets\Generators\Fruity Envelope Controller\Smart controls d------ [18:19 14/03/2017]
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95 d------ [22:13 30/04/2015]
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9 d------ [22:13 30/04/2015]
C:\WINDOWS\WinSxS\Policies\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_x-ww_c7b7206f d------ [22:13 30/04/2015]
C:\WINDOWS2\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95 d------ [13:18 17/11/2016]
C:\WINDOWS2\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9 d------ [13:18 17/11/2016]
C:\WINDOWS2\WinSxS\Policies\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_x-ww_c7b7206f d------ [13:18 17/11/2016]

========== regfind ==========

Searching for "RTC"
[HKEY_CURRENT_USER\Control Panel\Screen Saver.Mystify]
"StartColor1"="0 0 0"
[HKEY_CURRENT_USER\Control Panel\Screen Saver.Mystify]
"StartColor2"="0 0 0"
[HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut0"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Windows Media Player.lnk"
[HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut1"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Příslušenství\Zábava\Windows Media Player.lnk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shb]
@="DocShortcut"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.url]
@="InternetShortcut"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Application.Reference]
"IsShortcut"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Application.Reference\shell\open\command]
@="rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CertificateAuthority.Config]
@="CertConfig Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CertificateAuthority.Config.1]
@="CertConfig Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06EEE834-461C-42c2-8DCF-1502B527B1F9}]
@="URL Shortcut PropSetStorage Mapping"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06EEE834-461C-42c2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{000214A0-0000-0000-C000-000000000046}]
"Section"="InternetShortcut"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06EEE834-461C-42c2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{5CBF2787-48CF-4208-B90E-EE5E5D420294}]
"Section"="InternetShortcut"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{372FCE38-4324-11D0-8810-00A0C903B83C}]
@="CertConfig Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{372FCE38-4324-11D0-8810-00A0C903B83C}\InprocServer32]
@="C:\WINDOWS2\system32\certcli.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C4A5E40-732C-11D0-8816-00A0C903B83C}\InprocServer32]
@="C:\WINDOWS2\system32\certcli.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FE0D935-DDA6-443F-85D0-1CFB58FE41DD}\InProcServer32]
@="C:\WINDOWS2\system32\certcli.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C758294-9351-11d1-9D1A-006008B0E5CA}]
@="Com98rtc Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98AFF3F0-5524-11D0-8812-00A0C903B83C}\InprocServer32]
@="C:\WINDOWS2\system32\certcli.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA000926-FFBE-11CF-8800-00A0C903B83C}\InprocServer32]
@="C:\WINDOWS2\system32\certcli.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDEADF00-C265-11d0-BCED-00A0C90AB50F}]
"InfoTip"="Here you can create shortcuts to web folders on your company's intranet or the World Wide Web. To publish documents to a web folder or manage the files in it, click on its shortcut"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C6CC49B0-CE17-11D0-8833-00A0C903B83C}\InprocServer32]
@="C:\WINDOWS2\system32\certcli.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D66D6F99-CDAA-11D0-B822-00C04FC9B31F}]
@="Multi Language ConvertCharset"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}]
@="Internet Shortcut"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\ProgID]
@="InternetShortcut"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\COLBCatalog]
@="Com98rtc Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\COLBCatalog.1]
@="Com98rtc Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ConferenceLink]
"IsShortcut"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DocShortcut]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DocShortcut]
"IsShortcut"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{288A86D1-6F4F-39C9-9E42-162CF1C37226}]
@="_TypeLibImportClassAttribute"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{372FCE34-4324-11D0-8810-00A0C903B83C}]
@="ICertConfig"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4C545457-76D7-3C56-B277-6A9E86D1046F}]
@="_CodeNamespaceImportCollection"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7A18EDDE-7E78-4163-8DED-78E2C9CEE924}]
@="ICertConfig2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{87E403C2-6DAA-4C76-A3CD-FB6E344B86B8}]
@="IRTCShare"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{97C3808A-ECA1-4CA6-8D09-122A3CC54B3B}]
@="IMsgrPassportClient"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B30F7305-5967-45D1-B7BC-D6EB7163D770}]
@="IPassportClientServices"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C9A5713A-EB52-4D7A-8E63-A2842571A7F3}]
@="V7ONLY_IPortCallback"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F935DC23-1CF0-11D0-ADB9-00C04FD58A0B}]
@="IWshShortcut"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F935DC2B-1CF0-11D0-ADB9-00C04FD58A0B}]
@="IWshURLShortcut"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\InternetShortcut]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\InternetShortcut]
"IsShortcut"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile]
"IsShortcut"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\piffile]
"IsShortcut"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{372FCE32-4324-11D0-8810-00A0C903B83C}\1.0]
@="CertCli 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{372FCE32-4324-11D0-8810-00A0C903B83C}\1.0\0\win32]
@="C:\WINDOWS2\system32\certcli.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8DE06D9A-7FB0-4A94-A7A3-33B5A1BF90D1}\1.0]
@="RTCShare 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8DE06D9A-7FB0-4A94-A7A3-33B5A1BF90D1}\1.0\0\win32]
@="C:\WINDOWS2\system32\rtcshare.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WSHFile]
"IsShortcut"="Yes"
[HKEY_LOCAL_MACHINE\SOFTWARE\Gemplus\Cryptography\SmartCards]
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\environment]
"NeedStartCriticalTimeWatcher"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\environment]
"CreateDesktopShortcut"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\environment]
"CreateSafeBankingShortcut"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts]
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts]
"WebLinkShortcutName"="Visit Kaspersky Lab on the Web"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts]
"LicenseAgreementShortcutName"="End User License Agreement"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts]
"UninstallShortcutName"="Remove Kaspersky Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts]
"SafeMoneyShortcutName"="Safe Money"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts]
"LaunchShortcutName"="Kaspersky Internet Security"

Uživatelský avatar
bbdra
Level 2.5
Level 2.5
Příspěvky: 373
Registrován: listopad 13
Pohlaví: Muž

Re: RTC video PnP listener - prosím o kontrolu logu

Příspěvekod bbdra » 13 čer 2017 12:12

[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KAV]
"WebLinkShortcutName"="Visit Kaspersky Lab on the Web"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KAV]
"LicenseAgreementShortcutName"="End User License Agreement"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KAV]
"UninstallShortcutName"="Remove Kaspersky Anti-Virus"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KAV]
"LaunchShortcutName"="Kaspersky Anti-Virus"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KFA]
"WebLinkShortcutName"="Visit Kaspersky Lab on the Web"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KFA]
"LicenseAgreementShortcutName"="End User License Agreement"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KFA]
"UninstallShortcutName"="Remove Kaspersky Free"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KFA]
"LaunchShortcutName"="Kaspersky Free"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KIS]
"WebLinkShortcutName"="Visit Kaspersky Lab on the Web"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KIS]
"LicenseAgreementShortcutName"="End User License Agreement"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KIS]
"UninstallShortcutName"="Remove Kaspersky Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KIS]
"SafeMoneyShortcutName"="Safe Money"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KIS]
"LaunchShortcutName"="Kaspersky Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\PURE]
"WebLinkShortcutName"="Visit Kaspersky Lab on the Web"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\PURE]
"LicenseAgreementShortcutName"="End User License Agreement"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\PURE]
"UninstallShortcutName"="Remove Kaspersky Total Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\PURE]
"SafeMoneyShortcutName"="Safe Money"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\PURE]
"LaunchShortcutName"="Kaspersky Total Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP17.0.0\settings\SupportCustom]
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSDE1.0.0\environment]
"NeedStartCriticalTimeWatcher"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSDE1.0.0\environment]
"CreateDesktopShortcut"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSDE1.0.0\environment]
"CreateSafeBankingShortcut"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSDE1.0.0\Installer\shortcuts]
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSDE1.0.0\Installer\shortcuts]
"LaunchShortcutName"="Kaspersky Secure Connection"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSDE1.0.0\Installer\shortcuts]
"WebLinkShortcutName"="My Kaspersky"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSDE1.0.0\Installer\shortcuts]
"LicenseAgreementShortcutName"="Licenční smlouva s koncovým uživatelem"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSDE1.0.0\Installer\shortcuts]
"UninstallShortcutName"="Odebrat Kaspersky Secure Connection"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSDE1.0.0\Installer\shortcuts\KSDE]
"LaunchShortcutName"="Kaspersky Secure Connection"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSDE1.0.0\Installer\shortcuts\KSDE]
"WebLinkShortcutName"="My Kaspersky"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSDE1.0.0\Installer\shortcuts\KSDE]
"LicenseAgreementShortcutName"="Licenční smlouva s koncovým uživatelem"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSDE1.0.0\Installer\shortcuts\KSDE]
"UninstallShortcutName"="Odebrat Kaspersky Secure Connection"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\CertCheck]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Global\System Parameter Overrides]
"EnableImprovedSeekShortcut"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\HelpSvc\System Parameter Overrides]
"EnableImprovedSeekShortcut"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\services\System Parameter Overrides]
"EnableImprovedSeekShortcut"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\svchost\System Parameter Overrides]
"EnableImprovedSeekShortcut"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\wuauclt\System Parameter Overrides]
"EnableImprovedSeekShortcut"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\BROWSE\REUSEWINDOWS]
"Text"="Reuse windows for launching shortcuts (when tabbed browsing is off)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\BalanceSlider]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2108"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\Button]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2114"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\ButtonGroup\ButtonElement]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2114"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\ButtonGroup\FFWDElement]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2121"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\ButtonGroup\NextElement]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2125"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\ButtonGroup\PauseElement]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2117"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\ButtonGroup\PlayElement]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2117"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\ButtonGroup\PrevElement]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2127"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\ButtonGroup\REWElement]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2123"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\ButtonGroup\StopElement]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2119"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\CloseButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2135"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\FFWDButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2121"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\MinimizeButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2133"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\MuteButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2131"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\NextButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2125"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\PauseButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2117"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\PlayButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2117"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\PrevButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2127"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\RepeatButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2139"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\ReturnButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2129"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\REWButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2123"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\SeekSlider]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2108"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\ShuffleButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2137"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\Slider]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2108"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\StopButton]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2119"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\VolumeSlider]
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2111"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MessengerService\SessionManager\Apps\{1DF57D09-637A-4ca5-91B9-2C3EDAAF62FE}]
"Path"=""C:\WINDOWS2\system32\rtcshare.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MessengerService\SessionManager\Apps\{F1B1920C-6A3C-4ce7-B18C-AFAB305FD03D}]
"Path"=""C:\WINDOWS2\system32\rtcshare.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SmartCard]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NewShortcutHandlers]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WindowsUpdate]
"ShortcutName"="Windows Update"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\03B2613C3D46EE34A82B266F1DA16DB5]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KFA\LicenseAgreementShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FD3AD18AC0A19E4986F4EDC986465BD]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KFA\WebLinkShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\131F285965444CE40A73B1DFA51CD6EB]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\PURE\UninstallShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AD1ED2E8EF73BD4D8D5028F96777E62]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KAV\WebLinkShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DD4C64A7F61C024080C0F4FAA577628]
"D2D446E2F3994B348BA55163C37A773C"="02:\software\famatech\advanced_ip_scanner\c_shortcut_help"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\208F2074A615B3348ABE2A1A4CE0D15F]
"A00680371325C9543A2E6A738F24ACAC"="C:\Program Files\OpenOffice 4\program\chartcontroller.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\20DFF8D3D85067540965F62D0E4DEA1B]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KIS\SafeMoneyShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2679A9DCA53DF914F97E30A3CFC23025]
"26948FC18F05AC8409287BF0A3206C68"="01:\SOFTWARE\KasperskyLab\KSDE1.0.0\DesktopShortcutInstalled"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A5F8FF815560ED42B7CB612EB62E27C]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KFA\UninstallShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5F9E2823A125E144EB363D8962401DB9]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KIS\UninstallShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6076B3D9C40640146A9075E8568D0132]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\PURE\SafeMoneyShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\716DF650124E86E449F20EF8FF9E10F4]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KAV\UninstallShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F525558395BE414D91A98E708600ABB]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\PURE\LicenseAgreementShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4A03BFCB2CC89C42842E23EDBCD0768]
"D2D446E2F3994B348BA55163C37A773C"="02:\SOFTWARE\famatech\advanced_ip_scanner\c_shortcut_desktop"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8E6F2A78397C204B83036A8C6729468]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KIS\LicenseAgreementShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE53C90B373D5B34EAA6146DA26DE2E3]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KAV\LicenseAgreementShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB0B6383736E94548BE4BBC3374E6D1C]
"A00680371325C9543A2E6A738F24ACAC"="C:\Program Files\OpenOffice 4\program\resource\chartcontrollercs.res"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C7FFF57E8D8EDB04E9EFC5DBACF8C05A]
"D2D446E2F3994B348BA55163C37A773C"="02:\software\famatech\advanced_ip_scanner\c_shortcut"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CC6BCB95779DF0A4C8EC7490C8F69430]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\KIS\WebLinkShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D17798FFAF3037944A7ED36A8B20C06A]
"D2D446E2F3994B348BA55163C37A773C"="02:\software\famatech\advanced_ip_scanner\c_shortcut_uninstall"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFD17603C81FE5C4F8821F786100F313]
"B7D1B72E43B32A34F90C89825DFD642E"="02:\SOFTWARE\KasperskyLab\AVP17.0.0\Installer\shortcuts\PURE\WebLinkShortcutName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5C1093C35543A0E32A41B090A305076A\Features]
"Installer_Setup_ddf"="mQvBl?xX47Gv-cjO(7=o~s1q+}W(U4ixz9kCvH_VRw@+RaDKd7p}Ri07bh{4*be~J}$^n6%XIqSW&uTg4GgIpn'dm4hFDS[O8yA1Am5n4+(iQ5ojQ&B(k6ec4Ft.tiP'S575&]HZ)T*OcUN@pzIox3G(SksA$E[V_E^1LHTy?4+@0%=Udf{]*m1?snM`L7VZLS]G56a[&r]GOBpPl6Mp7W4hhAmR9-QoCN6b!4G&,I-4WV=P[pYoEKHvv7{KkB`.~Rx%@q8!1L{-=8=G.dvrTC?pLV12n8EeW4TWFQ,*ACg^a`r2G_ru]39%b@]l1Yx5%WFDZ9yww64eqyMKHG_e=obvQ&9z85[v!lLq40vFQ)OmB?p!e35_6Q^N5i[aZaO^TThSK4*Nk20JQeq`X-Z5pfS6h7Rjsr*A3]vONI7Kaj[p26GMlzbOP`a6@Bg66-)t@81&U{nZBhg-jyo!pjD~_48A.-.[rV_`'2EB.4nA+6aQ.j=@6YO]+6[mn6?+N8VySi&WL2LgAysMm3v}44'd-GBBQF*6`2OVVHzhR5v[53xts`K^~G5Sfc){Z4]XC6*Kkoj=&]W?tv=wH6X3tsH0HR6$NM}8mCH~850h!x^bG)Hj65kph@UD}5Xft6FFBTOZsroW'(tO765*T!+F{IZ=+cg+V^jZT5q$Jz+UIZ0,jUdBA1^Yq41IEA4mF%TVimBP*IExq5JJXd!DqpTMjgpSEK9L^39$-2mhFZ,_!YVICcGt]6MT`VwSN`$dnk7f7J_n!7CB1o7y^$d1U'ivG^_cC6,k9zB?5}Z+Z6kAO{ee*8zKp3gd?b815a^h'zEGi3&E=ZIPSgi$'&x[zm-+]5QcgJ!(ev
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5C1093C35543A0E32A41B090A305076A\Features]
"KB2600217"="U?l_Nsj-k5NgscdQ^nRtcu9GU,u5&6~A+Xn*.T8y-8d]wc'cu6x-~62TDUQ'h7qyWIxdc3Gr%NPWE.)QServicing_Key"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-329068152-1645522239-839522115-1003\Products\279E967429E25C946B9F64E5DFC0D449\Features]
"VideoTransitionsFeature"="(*$k43(*z?Oo[LJ8m*2^HPetR?a0i?~t}&Uzq.A(8pvECI)gX@k~YuUlW%Z-?$@eR]%o+9TJh?Iy~sm?Gwvofr}QB=WbJg^+5-If.'wTb@WxG@HB)}F`mBL@y~ID&gv=T?}J*1rv03$C9o,qdOR`t=cotj,6.!uku+S+yV*3P9.pP2Rcioe.H^w5`(S{.=Iv]jAoJO]Kc'1{Ek5XJAK%pxg5k%n2l0CfNJJ`IA0,7yA{5zx[~!qa`0Usw8RtC=H[RKaY&%^6-eh^X?G4$uS2yojnsEquZayl7A^IyFwUvdf)7yE*zPb*o@8nfB43]$eA1*K=K'DiU9w]ypu[Y,PMs)hL2['ou=sStvE9,akRh?0ui_`z59F$_Ajh8GzzEffectsFeature"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries.Resources_6595b64144ccf1df_6.0.0.0_cs-CZ_8b83fff2]
"ShortCatalogName"="X85929~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.0.0_x-ww_ff9986d7]
"ShortCatalogName"="X8E0A9~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a]
"ShortCatalogName"="X8F53A~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a]
"ShortCatalogName"="X8BB91~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9]
"ShortCatalogName"="X818E4~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83]
"ShortCatalogName"="X8AC8C~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202]
"ShortCatalogName"="X8CE51~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a]
"ShortCatalogName"="X8794C~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9]
"ShortCatalogName"="X8212F~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63]
"ShortCatalogName"="X8F8FD~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13]
"ShortCatalogName"="X86_MI~3.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82]
"ShortCatalogName"="X86_MI~2.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c]
"ShortCatalogName"="X8CD1A~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154]
"ShortCatalogName"="X83917~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550]
"ShortCatalogName"="X88D92~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7]
"ShortCatalogName"="X80CEE~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95]
"Identity"="Microsoft.Windows.Networking.RtcDll,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.2.3""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95]
"ShortCatalogName"="X8848F~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95]
"Codebase"="C:\WINDOWS2\ServicePackFiles\i386/rtcdll.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\Codebases\OS]
"URL"="x-ms-windows-source:I386/asms/52/msft/windows/net/rtcdll/rtcdll.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\Codebases\U_Service Pack 3]
"URL"="C:\WINDOWS2\ServicePackFiles\i386/rtcdll.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\Files\0]
@="rtcdll.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9]
"Identity"="Microsoft.Windows.Networking.RtcRes,language="cs",processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.2.3""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9]
"ShortCatalogName"="X83E0F~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9]
"Codebase"="C:\WINDOWS2\ServicePackFiles\i386/rtcres.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9\Codebases\OS]
"URL"="x-ms-windows-source:I386/asms/52/msft/windows/net/rtcres/rtcres.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9\Codebases\U_Service Pack 3]
"URL"="C:\WINDOWS2\ServicePackFiles\i386/rtcres.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9\Files\0]
@="rtcres.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.SystemCompatible_6595b64144ccf1df_5.1.0.0_x-ww_fc342b0b]
"ShortCatalogName"="X86_MI~4.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.SystemCompatible_6595b64144ccf1df_5.1.2600.2000_x-ww_bcc9a281]
"ShortCatalogName"="X86_MI~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_5ff735e2]
"ShortCatalogName"="102600~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_ed7ce46c]
"ShortCatalogName"="102600~2.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_d6a787b4]
"ShortCatalogName"="106002~2.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_01baebb0]
"ShortCatalogName"="106002~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.1.Microsoft.Windows.SystemCompatible_6595b64144ccf1df_5.1.2600.2000_x-ww_0e037a8a]
"ShortCatalogName"="512600~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_cf59288d]
"ShortCatalogName"="5223~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_5.2.2.3_x-ww_5f924d7b]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_5.2.2.3_x-ww_5f924d7b]
"Identity"="policy.5.2.Microsoft.Windows.Networking.Rtcdll,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32-policy",version="5.2.2.3""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_5.2.2.3_x-ww_5f924d7b]
"ShortCatalogName"="5223~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_5.2.2.3_x-ww_5f924d7b]
"Codebase"="C:\WINDOWS2\ServicePackFiles\i386/rtcdll.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_5.2.2.3_x-ww_5f924d7b\Codebases\OS]
"URL"="x-ms-windows-source:I386/asms/52/policy/msft/windows/networking/rtcdll/rtcdll.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_5.2.2.3_x-ww_5f924d7b\Codebases\U_Service Pack 3]
"URL"="C:\WINDOWS2\ServicePackFiles\i386/rtcdll.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_d7ea3c6f]
"ShortCatalogName"="609792~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_eb84b25e]
"ShortCatalogName"="602600~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_790a60e8]
"ShortCatalogName"="602600~2.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_a51be467]
"ShortCatalogName"="602600~3.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.7.0.Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_cf5111a1]
"ShortCatalogName"="702600~1.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.7.0.Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_5cd6c02b]
"ShortCatalogName"="702600~2.CAT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"Logon"="SCardStartCertProp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
"Class"="SmartCardReader"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CoDeviceInstallers]
"{50906CB8-BA12-11D1-BF5D-0000F805F530}"="eqnclass.dll,CoInstallClass spxcoins.dll,SpxClassCoInstaller dgsetup.dll,DigiMultiPortCoInstaller dgrpsetu.dll,DigiMultiPortCoInstaller"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceGroupOrder]
"List"="System Reserved Boot Bus Extender System Bus Extender SCSI miniport Port Primary Disk SCSI Class SCSI CDROM Class FSFilter Infrastructure FSFilter System FSFilter Bottom FSFilter Copy Protection FSFilter Security Enhancer FSFilter Open File FSFilter Physical Quota Management FSFilter Encryption FSFilter Compression FSFilter HSM FSFilter Cluster File System FSFilter System Recovery FSFilter Quota Management FSFilter Content Screener FSFilter Continuous Backup FSFilter Replication FSFilter Anti-Virus FSFilter Undelete FSFilter Activity Monitor FSFilter Top Filter Boot File System Base Pointer Port Keyboard Port Pointer Class Keyboard Class Video Init Video Video Save File System Event Log Streams Drivers NDIS Wrapper COM Infrastructure UIGroup LocalValidation PlugPlay PNP_TDI NDIS TDI NetBIOSGroup ShellSvcGroup SchedulerGroup SpoolerGroup AudioGroup SmartCardGroup NetworkProvider RemoteValidation NetDDEGroup Parallel arbitrator Extende
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SCardSvr]
"Group"="SmartCardGroup"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
"Class"="SmartCardReader"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\CoDeviceInstallers]
"{50906CB8-BA12-11D1-BF5D-0000F805F530}"="eqnclass.dll,CoInstallClass spxcoins.dll,SpxClassCoInstaller dgsetup.dll,DigiMultiPortCoInstaller dgrpsetu.dll,DigiMultiPortCoInstaller"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\ServiceGroupOrder]
"List"="System Reserved Boot Bus Extender System Bus Extender SCSI miniport Port Primary Disk SCSI Class SCSI CDROM Class FSFilter Infrastructure FSFilter System FSFilter Bottom FSFilter Copy Protection FSFilter Security Enhancer FSFilter Open File FSFilter Physical Quota Management FSFilter Encryption FSFilter Compression FSFilter HSM FSFilter Cluster File System FSFilter System Recovery FSFilter Quota Management FSFilter Content Screener FSFilter Continuous Backup FSFilter Replication FSFilter Anti-Virus FSFilter Undelete FSFilter Activity Monitor FSFilter Top Filter Boot File System Base Pointer Port Keyboard Port Pointer Class Keyboard Class Video Init Video Video Save File System Event Log Streams Drivers NDIS Wrapper COM Infrastructure UIGroup LocalValidation PlugPlay PNP_TDI NDIS TDI NetBIOSGroup ShellSvcGroup SchedulerGroup SpoolerGroup AudioGroup SmartCardGroup NetworkProvider RemoteValidation NetDDEGroup Parallel arbitrator Extende
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SCardSvr]
"Group"="SmartCardGroup"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
"Class"="SmartCardReader"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CoDeviceInstallers]
"{50906CB8-BA12-11D1-BF5D-0000F805F530}"="eqnclass.dll,CoInstallClass spxcoins.dll,SpxClassCoInstaller dgsetup.dll,DigiMultiPortCoInstaller dgrpsetu.dll,DigiMultiPortCoInstaller"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceGroupOrder]
"List"="System Reserved Boot Bus Extender System Bus Extender SCSI miniport Port Primary Disk SCSI Class SCSI CDROM Class FSFilter Infrastructure FSFilter System FSFilter Bottom FSFilter Copy Protection FSFilter Security Enhancer FSFilter Open File FSFilter Physical Quota Management FSFilter Encryption FSFilter Compression FSFilter HSM FSFilter Cluster File System FSFilter System Recovery FSFilter Quota Management FSFilter Content Screener FSFilter Continuous Backup FSFilter Replication FSFilter Anti-Virus FSFilter Undelete FSFilter Activity Monitor FSFilter Top Filter Boot File System Base Pointer Port Keyboard Port Pointer Class Keyboard Class Video Init Video Video Save File System Event Log Streams Drivers NDIS Wrapper COM Infrastructure UIGroup LocalValidation PlugPlay PNP_TDI NDIS TDI NetBIOSGroup ShellSvcGroup SchedulerGroup SpoolerGroup AudioGroup SmartCardGroup NetworkProvider RemoteValidation NetDDEGroup Parallel arbitrator Ext
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SCardSvr]
"Group"="SmartCardGroup"
[HKEY_USERS\.DEFAULT\Control Panel\Screen Saver.Mystify]
"StartColor1"="0 0 0"
[HKEY_USERS\.DEFAULT\Control Panel\Screen Saver.Mystify]
"StartColor2"="0 0 0"
[HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut0"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Windows Media Player.lnk"
[HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut1"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Příslušenství\Zábava\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-19\Control Panel\Screen Saver.Mystify]
"StartColor1"="0 0 0"
[HKEY_USERS\S-1-5-19\Control Panel\Screen Saver.Mystify]
"StartColor2"="0 0 0"
[HKEY_USERS\S-1-5-19\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut0"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-19\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut1"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Příslušenství\Zábava\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-20\Control Panel\Screen Saver.Mystify]
"StartColor1"="0 0 0"
[HKEY_USERS\S-1-5-20\Control Panel\Screen Saver.Mystify]
"StartColor2"="0 0 0"
[HKEY_USERS\S-1-5-20\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut0"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-20\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut1"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Příslušenství\Zábava\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Control Panel\Screen Saver.Mystify]
"StartColor1"="0 0 0"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Control Panel\Screen Saver.Mystify]
"StartColor2"="0 0 0"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Image-Line\FL Studio 12\Windows\1280x1024x0\Toolbars\41\ShortcutToolBar]
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Image-Line\FL Studio 12\Windows\1280x1024x0\Toolbars\41\ShortcutToolBar2]
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Image-Line\FL Studio 12\Windows\1280x1024x0\Toolbars\41\ShortcutToolBar3]
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Image-Line\FL Studio 12\Windows\1280x1024x0\Toolbars\ShortcutToolBar]
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Image-Line\FL Studio 12\Windows\1280x1024x0\Toolbars\ShortcutToolBar2]
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Image-Line\FL Studio 12\Windows\1280x1024x0\Toolbars\ShortcutToolBar3]
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\Advanced INF Setup\IE UserData NT\RegBackup\0.map]
"d56492fb72e568c0"=",33,HKCU,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NewShortcutHandlers,{FBF23B40-E3F0-101B-8488-00AA003E56F8},"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut0"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut1"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Příslušenství\Zábava\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut2"="C:\Documents and Settings\Adam2\Nabídka Start\Programy\Příslušenství\Zábava\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut3"="C:\Documents and Settings\Adam2\Nabídka Start\Programy\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut4"="C:\Documents and Settings\Adam2\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\MediaPlayer\Setup\UserOptions]
"DesktopShortcut"="no"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\MediaPlayer\Setup\UserOptions]
"QuickLaunchShortcut"="yes"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\RTC]
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\Search Assistant\ACMru\5603]
"002"="RTC video PNP listener"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\Search Assistant\ACMru\5604]
"002"="RTC"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\Tracing\WPPMediaPerApp\Skype\OrtcEngineApi]
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\Tracing\WPPMediaPerApp\Skype\RTCP]
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\NewShortcutHandlers]
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-500\Control Panel\Screen Saver.Mystify]
"StartColor1"="0 0 0"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-500\Control Panel\Screen Saver.Mystify]
"StartColor2"="0 0 0"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-500\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut0"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-21-329068152-1645522239-839522115-500\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut1"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Příslušenství\Zábava\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-18\Control Panel\Screen Saver.Mystify]
"StartColor1"="0 0 0"
[HKEY_USERS\S-1-5-18\Control Panel\Screen Saver.Mystify]
"StartColor2"="0 0 0"
[HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut0"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Windows Media Player.lnk"
[HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Setup\CreatedLinks]
"Shortcut1"="C:\Documents and Settings\Default User.WINDOWS2\Nabídka Start\Programy\Příslušenství\Zábava\Windows Media Player.lnk"

-= EOF =-

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 14.5
Guru Level 14.5
Příspěvky: 36176
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: RTC video PnP listener - prosím o kontrolu logu

Příspěvekod jaro3 » 13 čer 2017 17:27

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

:Files
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\RTC.der
C:\Program Files\Adobe\Reader 11.0\Reader\RTC.der
C:\WINDOWS\system32\rtcshare.exe
C:\WINDOWS\system32\dllcache\rtcshare.exe

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

https://home.mcafee.com/virusinfo/virus ... 92118#none
https://totalhash.cymru.com/analysis/?f ... 334e09d5db
tam je toho moc..

IObit\Advanced SystemCare -- odinstaloval si?

Stáhni Kaspersky VRT
na svojí plochu.
Spusť program Kaspersky VRT, .Program se nainstaluje.
Potvrď licenci a klikni na „Start“ . Pokud program nabídne aktualizaci , klikni dole na na „Download Now“.
- Klikni na ozubené kolečko v pravém horním rohu. V okně vyber kromě již zatržených , svojí jednotku disku , pokud jich máš víc , můžeš zatrhnout všechny.
- zvol „Automatic Scan“ nahoře vlevo. a stiskni tlačítko „Start Scanning
- Program začne skenovat zatržené jednotky

Zaškrtnuté :
Hidden startup objects
System Memory
Disk boot sectors

Počítač
Místní disk C

Nezašrkrtnuté:
Dokumenty
My email
Místní disk D
Jednotka DVD-Rom (E)
Jednotka BD-ROM (G)
Disketová jednotka

A jiné , např. Flash disky , které máš připojeny.

- povol programu Virus Removal Tool odstranit všechny nalezené infekce
- jakmile sken skončí ,zvol záložku „Report“ , vpravo nahoře (vedle ozubeného kolečka)
- klikni na „Detected Threads“ a klikni na obrázek diskety („Save“)
- ulož do počítače zprávu a vložit ji sem do příspěvku
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
bbdra
Level 2.5
Level 2.5
Příspěvky: 373
Registrován: listopad 13
Pohlaví: Muž

Re: RTC video PnP listener - prosím o kontrolu logu

Příspěvekod bbdra » 13 čer 2017 19:15

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
========== FILES ==========
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\RTC.der moved successfully.
C:\Program Files\Adobe\Reader 11.0\Reader\RTC.der moved successfully.
C:\WINDOWS\system32\rtcshare.exe moved successfully.
C:\WINDOWS\system32\dllcache\rtcshare.exe moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: 1234
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Adam
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Adam2
->Temp folder emptied: 19485 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.BBDRA2-3D0A5E7C
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: All Users.WINDOWS2

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User.WINDOWS2
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: znk
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 51623 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06132017_190929

Files\Folders moved on Reboot...
C:\WINDOWS2\temp\Perflib_Perfdata_8b0.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Uživatelský avatar
bbdra
Level 2.5
Level 2.5
Příspěvky: 373
Registrován: listopad 13
Pohlaví: Muž

Re: RTC video PnP listener - prosím o kontrolu logu

Příspěvekod bbdra » 13 čer 2017 19:31

IObit\Advanced SystemCare jsem na WINDOWS2 neinstaloval. Možná zůstal na starém systému WINDOWS, který je z 99% nestabilní kvůli chybě na disku.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 14.5
Guru Level 14.5
Příspěvky: 36176
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: RTC video PnP listener - prosím o kontrolu logu

Příspěvekod jaro3 » 13 čer 2017 21:19

C:\Documents and Settings\1234\Data aplikací\IObit\Advanced SystemCare\Startup Manager\Shortcut d------ [22:53 06/03/2016]
C:\Documents and Settings\1234\Data aplikací\IObit\Advanced SystemCare\Startup Manager\ShortcutPublic d------ [22:53 06/03/2016]
C:\Documents and Settings\Adam\Data aplikací\IObit\Advanced SystemCare\Startup Manager\Shortcut d------ [06:42 15/10/2015]
C:\Documents and Settings\Adam\Data aplikací\IObit\Advanced SystemCare\Startup Manager\ShortcutPublic d------ [06:42 15/10/2015]
C:\Documents and Settings\Adam\Data aplikací\IObit\Advanced SystemCare Beta\Startup Manager\Shortcut d------ [22:49 08/10/2015]
C:\Documents and Settings\Adam\Data aplikací\IObit\Advanced SystemCare Beta\Startup Manager\ShortcutPublic d------ [22:49 08/10/2015]
C:\Documents and Settings\Adam\Data aplikací\IObit\Advanced SystemCare V8\Startup Manager\Shortcut d------ [20:38 01/05/2015]
C:\Documents and Settings\Adam\Data aplikací\IObit\Advanced SystemCare V8

tohle tam je.

ještě udělej Kaspersky VRT a pak dej vědět , co problémy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
bbdra
Level 2.5
Level 2.5
Příspěvky: 373
Registrován: listopad 13
Pohlaví: Muž

Re: RTC video PnP listener - prosím o kontrolu logu

Příspěvekod bbdra » 14 čer 2017 07:45

Při pokusu o uložení reportu, program selhal a spadl, test jinak doběhl ,až do konce. Vyskakovací okno psalo že je PC infikován a měl bych si stáhnout jejich software, přesto že v logu bylo detekováno jen 5 vulnearibilit. (Můj současný AV má prošlou licenci)
Přes noc udělám scan v KVRT ještě jednou, snad to potom zase nespadne.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 14.5
Guru Level 14.5
Příspěvky: 36176
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: RTC video PnP listener - prosím o kontrolu logu

Příspěvekod jaro3 » 14 čer 2017 09:25

OK.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
bbdra
Level 2.5
Level 2.5
Příspěvky: 373
Registrován: listopad 13
Pohlaví: Muž

Re: RTC video PnP listener - prosím o kontrolu logu

Příspěvekod bbdra » 15 čer 2017 13:20

Status: Vulnerability (events: 5)
14.6.2017 4:35:17 Vulnerability vulnerability http://www.securelist.com/en/advisories/23483 C:\Program Files\Adobe\Acrobat\Reader\AcroRd32.exe Low
14.6.2017 4:38:07 Vulnerability vulnerability http://www.securelist.com/en/advisories/55315 C:\Program Files\Adobe\Acrobat 9.0\Designer 8.2\jre\bin\java.exe Low
14.6.2017 5:04:33 Vulnerability vulnerability http://www.securelist.com/en/advisories/59501 C:\Program Files\Java\jre1.7.0\bin\java.exe Low
14.6.2017 5:04:50 Vulnerability vulnerability http://www.securelist.com/en/advisories/55315 C:\Program Files\Java\jre6\bin\java.exe Low
14.6.2017 5:05:07 Vulnerability vulnerability http://www.securelist.com/en/advisories/59501 C:\Program Files\Java\jre7\bin\java.exe Low

Uživatelský avatar
bbdra
Level 2.5
Level 2.5
Příspěvky: 373
Registrován: listopad 13
Pohlaví: Muž

Re: RTC video PnP listener - prosím o kontrolu logu

Příspěvekod bbdra » 15 čer 2017 13:25

(events: 1360654, objects: 1356959, time: 03:49:41)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 14.5
Guru Level 14.5
Příspěvky: 36176
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: RTC video PnP listener - prosím o kontrolu logu

Příspěvekod jaro3 » 15 čer 2017 19:37

Nákazy smaž.

Pak napiš co problémy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot] a 1 host