Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu.Pomalé pc i internet

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
jindra.paryzek
Návštěvník
Návštěvník
Příspěvky: 469
Registrován: 04 led 2007 12:37
Bydliště: Louny

Re: Prosím o kontrolu.Pomalé pc i internet

#31 Příspěvek od jindra.paryzek »

Oba logy jsem poslal.Jaký sken myslíte?
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu.Pomalé pc i internet

#32 Příspěvek od Márty84 »

Myslel jsem sken z OTL. Poslal jste jen jeden log. Potrebuju videt hlavne ten s nazvem OTL.Txt

Vy jste tu dal Extras.Txt a to prvni je skript, co jsem psal at vlozite do toho okna.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
jindra.paryzek
Návštěvník
Návštěvník
Příspěvky: 469
Registrován: 04 led 2007 12:37
Bydliště: Louny

Re: Prosím o kontrolu.Pomalé pc i internet

#33 Příspěvek od jindra.paryzek »

Už jsem ho poslal.Je na druhé straně tohoto vlákna...Ten spodní
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu.Pomalé pc i internet

#34 Příspěvek od Márty84 »

jindra.paryzek píše:Extras.Txt
OTL Extras logfile created on: 22.9.2012 20:49:45 - Run 1
Neni :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
jindra.paryzek
Návštěvník
Návštěvník
Příspěvky: 469
Registrován: 04 led 2007 12:37
Bydliště: Louny

Re: Prosím o kontrolu.Pomalé pc i internet

#35 Příspěvek od jindra.paryzek »

OTL logfile created on: 22.9.2012 20:49:45 - Run 1
OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\Jindra-Dell-modry\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 64,01% Memory free
7,99 Gb Paging File | 6,66 Gb Available in Paging File | 83,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,17 Gb Total Space | 555,04 Gb Free Space | 93,10% Space Free | Partition Type: NTFS

Computer Name: JINDRAMODREJ | User Name: Jindra-Dell-modry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.09.22 20:18:39 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\Jindra-Dell-modry\Downloads\OTL.exe
PRC - [2012.09.07 22:08:01 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.08.27 20:54:49 | 001,807,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
PRC - [2010.02.09 15:36:08 | 000,384,000 | ---- | M] () -- C:\Program Files (x86)\Epos\epos-2.4.85\src\epos.exe
PRC - [2009.05.21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2007.03.06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012.09.07 22:07:31 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.08.27 20:54:48 | 009,813,704 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012.07.30 09:37:31 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010.01.21 05:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010.01.13 23:04:10 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.10.20 11:02:10 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.03.03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe -- (AESTFilters)
SRV - [2012.09.07 22:08:00 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.09 15:36:08 | 000,384,000 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Epos\epos-2.4.85\src\epos.exe -- (ttscp)
SRV - [2010.01.21 05:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe -- (STacSV)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2009.03.03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe -- (AESTFilters)
SRV - [2007.03.06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.07.30 09:37:28 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2012.07.15 09:13:08 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2012.04.22 13:51:38 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 17:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 17:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.12.01 00:55:06 | 004,716,608 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.07.05 15:07:32 | 000,059,184 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2011.07.05 15:07:30 | 000,572,336 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2011.07.05 15:07:28 | 000,352,816 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uim_vimx64.sys -- (Uim_VIM)
DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.09.30 21:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.09.30 21:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.01.28 10:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.01.21 05:10:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.01.13 23:26:02 | 006,327,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.01.13 23:26:02 | 006,327,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.01.13 22:10:58 | 000,185,344 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009.12.23 15:14:02 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.12.22 03:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.10.09 15:00:44 | 000,005,632 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rminiv3.sys -- (mirrorv3)
DRV:64bit: - [2009.10.02 22:24:18 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.08.28 19:15:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.08.28 19:15:26 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 10:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.04.07 15:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2010.07.28 14:34:31 | 000,097,792 | ---- | M] (Tecar Forum) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\NSHE.SYS -- (NSHE)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=irtest ... 1158898040
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2E981B39-F99B-619E-3BF7-17A0DBAF81CD}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://www.searchnu.com/406
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 55f94d5a5b
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes\{2E981B39-F99B-619E-3BF7-17A0DBAF81CD}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={7851 ... 2012-06-27 20:01:49&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes\{A9C83F65-B5D6-4F9F-8A7A-F9569D7790E8}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..backup.old.browser.search.defaultenginename: "Search"
FF - prefs.js..backup.old.browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "http://searchfunmoods.com/?f=1&a=irtest ... 1158898040"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.5.6
FF - prefs.js..extensions.foxcub.prev.KWD: "data:text/plain,keyword.URL=http://search.centrum.cz/?channel_id=cu ... lid-dns&q="
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ff ... 06&sr=0&q="
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@parallelgraphics.com/Cortona: C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll (ParallelGraphics)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jindra-Dell-modry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.18 22:32:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.09.18 22:32:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.18 22:32:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.09.18 22:32:27 | 000,000,000 | ---D | M]

[2012.09.08 16:11:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jindra-Dell-modry\AppData\Roaming\mozilla\Extensions
[2012.09.19 17:49:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jindra-Dell-modry\AppData\Roaming\mozilla\Firefox\Profiles\br14tz65.default\extensions
[2012.08.31 16:26:30 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Jindra-Dell-modry\AppData\Roaming\mozilla\Firefox\Profiles\br14tz65.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.07.07 18:05:37 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Jindra-Dell-modry\AppData\Roaming\mozilla\Firefox\Profiles\br14tz65.default\extensions\plugin@videofiledownload.com
[2012.09.19 17:49:07 | 002,966,066 | ---- | M] () (No name found) -- C:\Users\Jindra-Dell-modry\AppData\Roaming\mozilla\firefox\profiles\br14tz65.default\extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi
[2012.09.08 16:10:17 | 000,002,519 | ---- | M] () -- C:\Users\Jindra-Dell-modry\AppData\Roaming\mozilla\firefox\profiles\br14tz65.default\searchplugins\Search_Results.xml
[2012.09.08 16:11:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.09.07 22:07:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2012.09.18 22:32:27 | 000,000,000 | ---D | M] (Centrum.cz nastavenĂ) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2012.09.18 22:32:27 | 000,000,000 | ---D | M] (Centrum doménový pomocník) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\centrumpomocnik@centrum.cz
[2012.09.07 22:08:01 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.27 20:01:40 | 000,003,750 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.06.24 11:18:40 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.24 11:18:40 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.09.08 16:10:17 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012.06.24 11:18:40 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.24 11:18:40 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.24 11:18:40 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Jindra-Dell-modry\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jindra-Dell-modry\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jindra-Dell-modry\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Cortona3D Viewer (Enabled) = C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Jindra-Dell-modry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Jindra-Dell-modry\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Jindra-Dell-modry\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Funmoods = C:\Users\Jindra-Dell-modry\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\1.0_0\
CHR - Extension: SpeedDial = C:\Users\Jindra-Dell-modry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\4.0_0\
CHR - Extension: General Crawler = C:\Users\Jindra-Dell-modry\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\

O1 HOSTS File: ([2012.09.22 14:31:43 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (no name) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - No CLSID value found.
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0143E901-B999-4DBD-A71F-62ED8684933C}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{899C7421-E867-4489-A559-F1C455E5F842}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.09.22 20:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2012.09.22 20:16:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2012.09.22 19:32:12 | 000,000,000 | ---D | C] -- C:\rsit
[2012.09.21 23:31:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.21 23:31:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.21 23:31:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.21 23:31:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.21 23:31:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.21 23:31:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.21 23:31:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.21 23:31:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.21 23:31:40 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.21 23:31:40 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.21 23:31:40 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.21 23:31:40 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.21 23:31:38 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.21 23:31:37 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.21 23:31:37 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.19 19:40:05 | 000,000,000 | ---D | C] -- C:\Users\Jindra-Dell-modry\Desktop\vrata
[2012.09.18 22:53:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.09.18 22:52:57 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.09.18 22:52:45 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.09.18 22:52:45 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.09.18 22:52:45 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.09.18 22:41:01 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.09.18 22:40:52 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.09.18 22:01:28 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.09.18 21:48:58 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.09.18 21:48:58 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.09.17 16:23:53 | 000,000,000 | ---D | C] -- C:\Users\Jindra-Dell-modry\Desktop\18.9-Kubica-Compass,Chomutov
[2012.09.16 18:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\tmp
[2012.09.16 18:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\hps
[2012.09.16 18:41:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fotolab
[2012.09.16 10:14:58 | 000,000,000 | ---D | C] -- C:\Users\Jindra-Dell-modry\Documents\Složka Bluetooth Exchange
[2012.09.11 20:35:26 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.09.11 20:35:26 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.11 20:35:24 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.11 20:35:24 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.09.08 09:21:27 | 000,000,000 | -H-D | C] -- C:\Windows\SysWow64\asam
[2012.09.07 22:07:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.09.04 22:09:12 | 000,000,000 | ---D | C] -- C:\Users\Jindra-Dell-modry\Desktop\Wordlisty
[2012.09.01 22:03:12 | 000,000,000 | ---D | C] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blaiz Enterprises
[2012.09.01 14:07:28 | 000,000,000 | R--D | C] -- C:\Users\Jindra-Dell-modry\Documents\Scanned Documents
[2012.09.01 14:07:27 | 000,000,000 | ---D | C] -- C:\Users\Jindra-Dell-modry\Documents\Fax
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.09.22 20:51:13 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.09.22 20:16:44 | 000,001,984 | ---- | M] () -- C:\Users\Jindra-Dell-modry\Desktop\CrystalDiskInfo.lnk
[2012.09.22 20:03:00 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 20:03:00 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 20:01:56 | 001,476,826 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.22 20:01:56 | 000,633,626 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.09.22 20:01:56 | 000,618,342 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.22 20:01:56 | 000,123,148 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.09.22 20:01:56 | 000,107,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.22 19:55:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.22 19:55:29 | 3218,030,592 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.22 14:50:02 | 000,000,464 | ---- | M] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120922_145000.reg
[2012.09.22 14:49:49 | 000,006,596 | ---- | M] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120922_144943.reg
[2012.09.22 14:31:43 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012.09.21 23:37:52 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.09.21 23:37:52 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.09.21 23:30:19 | 000,000,980 | ---- | M] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120921_233016.reg
[2012.09.18 22:52:41 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.09.18 22:52:39 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.09.18 22:52:39 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.09.18 22:52:38 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.09.18 22:52:38 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.09.18 22:40:45 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.09.18 22:40:43 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.09.18 22:40:43 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.09.18 22:40:43 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.09.18 22:40:42 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll
[2012.09.18 22:40:42 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.09.09 23:35:22 | 000,000,424 | ---- | M] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120909_233518.reg
[2012.09.08 16:12:48 | 000,004,960 | ---- | M] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120908_161245.reg
[2012.09.04 22:02:12 | 000,001,752 | ---- | M] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120904_220209.reg
[2012.08.31 08:37:26 | 002,778,401 | ---- | M] () -- C:\Users\Jindra-Dell-modry\Documents\IMG_3750.JPG
[2012.08.30 23:43:04 | 000,000,862 | ---- | M] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120830_234301.reg
[2012.08.30 15:06:38 | 000,000,200 | ---- | M] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120830_150635.reg
[2012.08.24 12:31:32 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.24 12:20:11 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.24 12:18:46 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.24 12:14:45 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.24 12:14:34 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.24 12:13:29 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.08.24 12:11:57 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.08.24 12:10:14 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.24 12:04:06 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.24 08:51:02 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.24 08:49:57 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.24 08:47:36 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.24 08:47:26 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.24 08:44:10 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.24 08:40:11 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.09.22 20:22:02 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.09.22 20:16:44 | 000,001,984 | ---- | C] () -- C:\Users\Jindra-Dell-modry\Desktop\CrystalDiskInfo.lnk
[2012.09.22 14:50:01 | 000,000,464 | ---- | C] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120922_145000.reg
[2012.09.22 14:49:47 | 000,006,596 | ---- | C] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120922_144943.reg
[2012.09.21 23:30:17 | 000,000,980 | ---- | C] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120921_233016.reg
[2012.09.10 18:06:53 | 002,778,401 | ---- | C] () -- C:\Users\Jindra-Dell-modry\Documents\IMG_3750.JPG
[2012.09.09 23:35:20 | 000,000,424 | ---- | C] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120909_233518.reg
[2012.09.08 16:12:47 | 000,004,960 | ---- | C] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120908_161245.reg
[2012.09.04 22:02:10 | 000,001,752 | ---- | C] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120904_220209.reg
[2012.08.30 23:43:03 | 000,000,862 | ---- | C] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120830_234301.reg
[2012.08.30 15:06:36 | 000,000,200 | ---- | C] () -- C:\Users\Jindra-Dell-modry\Documents\cc_20120830_150635.reg
[2012.07.07 20:57:58 | 000,384,844 | ---- | C] () -- C:\Users\Jindra-Dell-modry\AppData\Local\funmoods-speeddial_sf.crx
[2012.07.07 20:57:57 | 000,031,465 | ---- | C] () -- C:\Users\Jindra-Dell-modry\AppData\Local\funmoods.crx
[2012.06.14 21:37:53 | 000,005,166 | ---- | C] () -- C:\Users\Jindra-Dell-modry\AppData\Local\recently-used.xbel
[2012.01.16 21:28:42 | 000,000,644 | RHS- | C] () -- C:\Users\Jindra-Dell-modry\ntuser.pol
[2012.01.16 18:21:47 | 000,045,915 | ---- | C] () -- C:\Program Files\xsvr.rar
[2012.01.16 17:37:07 | 000,000,017 | ---- | C] () -- C:\Users\Jindra-Dell-modry\AppData\Local\resmon.resmoncfg
[2012.01.06 01:39:48 | 000,001,192 | ---- | C] () -- C:\Users\Jindra-Dell-modry\AppData\Local\SRDownloader.nast
[2012.01.05 20:11:02 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\hlduinst.exe
[2011.12.05 00:07:34 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.12.05 00:07:20 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.12.05 00:07:20 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.12.05 00:07:19 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.12.01 01:11:50 | 001,495,982 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.30 23:24:12 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.11.30 23:23:18 | 000,000,491 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.11.30 23:23:18 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.11.30 23:23:17 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hcwChDB.dll
[2011.11.30 22:59:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

========== LOP Check ==========

[2012.01.02 22:45:21 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\AnvSoft
[2012.08.11 00:24:59 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Balabolka
[2012.01.07 03:23:48 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\calibre
[2012.01.19 23:28:46 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\CheckPoint
[2012.01.13 00:16:07 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Devicescape
[2012.08.04 20:16:26 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\ffDiaporama
[2011.12.01 20:29:20 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\GHISLER
[2012.01.19 16:14:29 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Hunspell
[2011.12.16 15:01:43 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\ICQ
[2012.08.17 08:17:46 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit
[2012.09.18 22:32:29 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Jpeg Resampler
[2012.01.02 16:21:01 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Key Metric Software
[2012.07.07 21:01:21 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Media Finder
[2012.08.04 14:37:21 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Nokia
[2012.04.01 14:33:15 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Nokia Suite
[2012.01.21 20:43:35 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Notepad++
[2012.01.07 03:11:21 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\OpenOffice.org
[2012.01.25 19:17:17 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\OtakuSoftware
[2012.07.30 08:45:33 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\PC Suite
[2012.01.18 00:15:12 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Radmin
[2012.07.27 13:18:15 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Sammsoft
[2012.01.20 01:19:05 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\TuneUp Software
[2012.08.04 20:44:27 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Ulead Systems
[2012.04.05 16:43:32 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\WebcamMax
[2012.07.07 20:45:48 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\YourFileDownloader

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,530 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\ERDNT\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\ERDNT\cache64\cryptsvc.dll
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\SysNative\cryptsvc.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\ERDNT\cache86\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.04.24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\ERDNT\cache64\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\ERDNT\cache64\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\ERDNT\cache64\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\ERDNT\cache86\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: SYMMPI.SYS >
[2011.07.05 15:07:38 | 000,106,880 | ---- | M] (LSI Corporation) MD5=05CFC382170A709F931E41620677097A -- C:\Program Files (x86)\Paragon Software\Hard Disk Manager 2011 Suite Demo\program\symmpi_xp_x86\symmpi.sys

< MD5 for: TCPIP.SYS >
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\ERDNT\cache64\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\ERDNT\cache64\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\ERDNT\cache86\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
Nahoru
jindra.paryzek
Návštěvník
Návštěvník
Příspěvky: 469
Registrován: 04 led 2007 12:37
Bydliště: Louny

Re: Prosím o kontrolu.Pomalé pc i internet

#36 Příspěvek od jindra.paryzek »

< >

< %systemroot%*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[9 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.12.05 09:59:11 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Adobe
[2012.01.02 22:45:21 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\AnvSoft
[2011.11.30 23:37:53 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\ATI
[2012.08.11 00:24:59 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Balabolka
[2012.01.07 03:23:48 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\calibre
[2012.01.19 23:28:46 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\CheckPoint
[2012.01.13 00:16:07 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Devicescape
[2012.08.04 20:16:26 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\ffDiaporama
[2011.12.01 20:29:20 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\GHISLER
[2012.01.19 16:14:29 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Hunspell
[2011.12.16 15:01:43 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\ICQ
[2011.11.30 23:04:47 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Identities
[2012.08.17 08:17:46 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit
[2012.09.18 22:32:29 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Jpeg Resampler
[2012.01.02 16:21:01 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Key Metric Software
[2011.12.01 01:23:53 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Macromedia
[2012.01.18 11:50:33 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Malwarebytes
[2010.11.21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Media Center Programs
[2012.07.07 21:01:21 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Media Finder
[2012.01.18 22:33:56 | 000,000,000 | --SD | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Microsoft
[2011.12.01 01:07:18 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Mozilla
[2012.08.04 14:37:21 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Nokia
[2012.04.01 14:33:15 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Nokia Suite
[2012.01.21 20:43:35 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Notepad++
[2012.01.07 03:11:21 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\OpenOffice.org
[2012.01.25 19:17:17 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\OtakuSoftware
[2012.07.30 08:45:33 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\PC Suite
[2012.09.18 22:32:29 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\PSpad
[2012.01.18 00:15:12 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Radmin
[2012.07.27 13:18:15 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Sammsoft
[2012.04.05 17:16:10 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Skype
[2012.01.20 01:19:05 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\TuneUp Software
[2012.08.04 20:44:27 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Ulead Systems
[2012.08.11 00:25:16 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\vlc
[2012.04.05 16:43:32 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\WebcamMax
[2011.12.01 20:27:40 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\WinRAR
[2012.07.07 20:45:48 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\YourFileDownloader

< %APPDATA%\*.exe /s >
[2011.11.30 23:07:02 | 000,010,134 | R--- | M] () -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\ARPPRODUCTICON.exe
[2011.11.30 23:07:02 | 000,045,056 | R--- | M] (Macrovision Corporation) -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
[2012.08.04 14:06:42 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
[2012.08.04 14:06:42 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
[2012.08.04 14:06:42 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.08.04 14:06:42 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.08.04 14:06:42 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
[2011.11.30 23:25:13 | 000,010,134 | R--- | M] () -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Microsoft\Installer\{F729DDB6-74A7-4A16-763F-E2768DF0E37D}\ARPPRODUCTICON.exe
[2004.06.13 16:21:34 | 000,751,616 | ---- | M] () -- C:\Users\Jindra-Dell-modry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blaiz Enterprises\Image Tools\Text Effects.EXE

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.09.21 23:37:52 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2012.09.21 23:37:52 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.09.22 20:51:13 | 000,000,512 | ---- | M] () MD5=3EF32816C2C2321143F06A60D05D7426 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2012.03.01 20:23:20 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2011.05.09 12:52:16 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2011.07.18 23:33:32 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2010.04.17 11:31:42 | 002,152,448 | ---- | M] () -- \Program Files (x86)\WebcamMax\ShareUploader.exe
[2010.03.15 12:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.01.06 01:45:43 | 000,001,192 | ---- | M] () -- \Users\Jindra-Dell-modry\AppData\Local\SRDownloader.nast
[2012.07.14 18:39:41 | 000,000,723 | ---- | M] () -- \Users\Jindra-Dell-modry\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\1.0_0\img\ajax-loader.gif
[2012.07.14 18:39:41 | 000,001,865 | ---- | M] () -- \Users\Jindra-Dell-modry\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\1.0_0\js\FMLoader.js
[2012.02.03 04:32:08 | 000,112,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\A8640317F35F8964C8903A93AEB3506E\3.0.655\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2011.09.01 12:13:30 | 000,112,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-1260641067-3451729402-1417893360-1000\CBEC1D2927C7FCE4FB6C1C13FEF36E7A\3.3.89\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.08.08 20:08:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2012.08.08 20:08:02 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.12.01 07:54:02 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.12.01 07:54:02 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.12.01 07:54:02 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.12.01 07:54:02 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.12.01 07:54:02 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.12.01 01:13:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.12.01 01:13:23 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.12.01 01:13:23 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.12.01 01:13:23 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.12.01 01:13:23 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 05:18:36 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2009.04.22 21:09:12 | 000,002,200 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport.p5i
[2009.04.22 21:09:12 | 000,002,503 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport.p5m
[2009.04.22 21:09:12 | 000,010,181 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport.p5p
[2009.04.22 21:09:12 | 000,088,576 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport.p5x
[2009.04.22 21:09:12 | 000,008,685 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_da.p5p
[2009.04.22 21:09:12 | 000,009,950 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_de.p5p
[2009.04.22 21:09:12 | 000,010,362 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_es.p5p
[2009.04.22 21:09:12 | 000,009,066 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_fi.p5p
[2009.04.22 21:09:12 | 000,009,824 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_fr.p5p
[2009.04.22 21:09:12 | 000,009,814 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_it.p5p
[2009.04.22 21:09:12 | 000,010,265 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_ja.p5p
[2009.04.22 21:09:12 | 000,010,005 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_ko.p5p
[2009.04.22 21:09:12 | 000,008,540 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_nb.p5p
[2009.04.22 21:09:12 | 000,009,657 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_nl.p5p
[2009.04.22 21:09:12 | 000,009,240 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_pt.p5p
[2009.04.22 21:09:12 | 000,009,006 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_sv.p5p
[2009.04.22 21:09:12 | 000,008,363 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_zh-cn.p5p
[2009.04.22 21:09:12 | 000,008,410 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\pcdrserialport_zh-tw.p5p
[2009.04.22 21:08:52 | 000,001,413 | ---- | M] () -- \Program Files (x86)\Dell Support Center\HWDiag\bin\Images\icons\png\24_24\serial_port.png
[2012.04.11 01:15:28 | 000,434,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.05.13 07:39:47 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2011.07.05 15:08:20 | 000,002,060 | ---- | M] () -- \Program Files (x86)\Paragon Software\Hard Disk Manager 2011 Suite Demo\program\resource\img\dbh\serial_number_32.png
[2011.07.05 15:08:42 | 000,006,862 | ---- | M] () -- \Program Files (x86)\Paragon Software\Hard Disk Manager 2011 Suite Demo\program\resource\ui\hdmdlg_setpartserial.ui
[2011.07.05 15:13:52 | 000,002,060 | ---- | M] () -- \Program Files (x86)\Paragon Software\Hard Disk Manager 2011 Suite Demo\program2\resource\img\dbh\serial_number_32.png
[2011.07.05 15:13:58 | 000,006,862 | ---- | M] () -- \Program Files (x86)\Paragon Software\Hard Disk Manager 2011 Suite Demo\program2\resource\ui\hdmdlg_setpartserial.ui
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:40 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.04.11 04:37:58 | 000,434,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.05.13 07:40:17 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:54:44 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.06.11 00:10:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.08 20:39:36 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.10 00:15:45 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.11 23:36:12 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
[2012.05.10 22:37:59 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\265531568722647aab229a2cec195b3d\System.Runtime.Serialization.ni.dll
[2012.05.10 17:29:12 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\807759890a40e4047c35a24e64dc76d5\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.11 23:39:04 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.11 23:38:59 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
[2012.05.11 23:41:04 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll
[2012.05.11 23:44:12 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7590828d50338d512b11a4d3f87d69a2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.11 23:44:02 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\affb28e2d9cc3c19de0758e7e8c68e8f\System.Runtime.Serialization.ni.dll
[2012.05.11 23:47:32 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7fa267d10b2df6dbd00d00d130715f0a\System.Xml.Serialization.ni.dll
[2011.12.01 21:32:51 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.06.12 21:16:13 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.12.01 21:32:51 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.06.12 21:16:12 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.06.12 21:16:16 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:34 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:54:40 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 04:38:14 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 04:38:14 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.11.05 03:54:40 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 04:58:44 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.11.05 03:54:44 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 05:07:20 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2011.12.01 01:13:23 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.12.01 01:13:23 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.12.01 07:54:02 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.12.01 07:54:01 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.07.14 05:17:48 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.11 00:10:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009.06.08 20:39:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2010.11.05 03:53:34 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 04:38:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.05 03:53:40 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 12 bytes -> C:\Users\Jindra-Dell-modry\Documents:{1AA87861-906F-43B3-9815-7429EA2967F9}

< End of report >
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu.Pomalé pc i internet

#37 Příspěvek od Márty84 »

Jo, to je on. Kontrola nejakou dobu potrva.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
jindra.paryzek
Návštěvník
Návštěvník
Příspěvky: 469
Registrován: 04 led 2007 12:37
Bydliště: Louny

Re: Prosím o kontrolu.Pomalé pc i internet

#38 Příspěvek od jindra.paryzek »

Jak se v tomto může někdo vyznat?? :?:
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu.Pomalé pc i internet

#39 Příspěvek od Márty84 »

Chce to trosku cviku a pak to neni tak hrozne :)

:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=irtest ... 1158898040
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2E981B39-F99B-619E-3BF7-17A0DBAF81CD}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://www.searchnu.com/406
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&tt=010712_7&babsrc=SP_ss&mntrId=aea18f28000000000000ec55f94d5a5b
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes\{2E981B39-F99B-619E-3BF7-17A0DBAF81CD}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={78513C0E-F961-4DEF-AA0F-A7543D3DFC4F}&mid=516e9ffff68047d0b5a17da15f62b133-afc44fd53f103a0a07df862413cc56c198d80f5c&lang=en&ds=qw011&pr=sa&d=2012-06-27 20:01:49&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\SearchScopes\{A9C83F65-B5D6-4F9F-8A7A-F9569D7790E8}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
FF - prefs.js..backup.old.browser.search.defaultenginename: "Search"
FF - prefs.js..backup.old.browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "http://searchfunmoods.com/?f=1&a=irtest1&chnl=irtest1&cd=2XzuyEtN2Y1L1Qzu0E0CyDyD0FzyyE0DyD0AyD0Bzz0FtBzztN0D0Tzu0StCzzzztN1L2XzutBtFtCtFtDtFtAtDtC&cr=1158898040"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=394&systemid=406&sr=0&q="
O2:64bit: - BHO: (no name) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[2012.07.07 20:57:58 | 000,384,844 | ---- | C] () -- C:\Users\Jindra-Dell-modry\AppData\Local\funmoods-speeddial_sf.crx
[2012.07.07 20:57:57 | 000,031,465 | ---- | C] () -- C:\Users\Jindra-Dell-modry\AppData\Local\funmoods.crx
[2012.08.17 08:17:46 | 000,000,000 | ---D | M] -- C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[9 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
@Alternate Data Stream - 12 bytes -> C:\Users\Jindra-Dell-modry\Documents:{1AA87861-906F-43B3-9815-7429EA2967F9}
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
jindra.paryzek
Návštěvník
Návštěvník
Příspěvky: 469
Registrován: 04 led 2007 12:37
Bydliště: Louny

Re: Prosím o kontrolu.Pomalé pc i internet

#40 Příspěvek od jindra.paryzek »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jindra-Dell-modry
->Temp folder emptied: 827854 bytes
->Temporary Internet Files folder emptied: 33129 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 817023388 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1395 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18978 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 780,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest

User: Jindra-Dell-modry
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E981B39-F99B-619E-3BF7-17A0DBAF81CD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2E981B39-F99B-619E-3BF7-17A0DBAF81CD}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Backup.Old.Start Page| /E : value set successfully!
HKU\S-1-5-21-1260641067-3451729402-1417893360-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-1260641067-3451729402-1417893360-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-1260641067-3451729402-1417893360-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1260641067-3451729402-1417893360-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1260641067-3451729402-1417893360-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2E981B39-F99B-619E-3BF7-17A0DBAF81CD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2E981B39-F99B-619E-3BF7-17A0DBAF81CD}\ not found.
Registry key HKEY_USERS\S-1-5-21-1260641067-3451729402-1417893360-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-1260641067-3451729402-1417893360-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_USERS\S-1-5-21-1260641067-3451729402-1417893360-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_USERS\S-1-5-21-1260641067-3451729402-1417893360-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A9C83F65-B5D6-4F9F-8A7A-F9569D7790E8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9C83F65-B5D6-4F9F-8A7A-F9569D7790E8}\ not found.
Prefs.js: "Search" removed from backup.old.browser.search.defaultenginename
Prefs.js: "Search" removed from backup.old.browser.search.selectedEngine
Prefs.js: "http://searchfunmoods.com/?f=1&a=irtest ... 1158898040" removed from browser.startup.homepage
Prefs.js: "Search Results" removed from browser.search.defaultenginename
Prefs.js: "Search Results" removed from browser.search.order.1
Prefs.js: "http://dts.search-results.com/sr?src=ff ... 06&sr=0&q=" removed from keyword.URL
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-1260641067-3451729402-1417893360-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
C:\Windows\SysNative\drivers\~GLH001e.TMP deleted successfully.
C:\Users\Jindra-Dell-modry\AppData\Local\funmoods-speeddial_sf.crx moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Local\funmoods.crx moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\Startup Manager folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\SmartRAM folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\Smart RAM folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\SecurityHoles folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\Internet Booster folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\EmptyFolder folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\Driver Manager\DriverBackup folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\Driver Manager folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5\AutoShutdown folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit\Advanced SystemCare V4 folder moved successfully.
C:\Users\Jindra-Dell-modry\AppData\Roaming\IObit folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1120.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6F75.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7CFC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAD6E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4C9A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP559F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP803C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA69A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB896.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC9B4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDE3D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI3159.tmp deleted successfully.
C:\Windows\Installer\MSI4584.tmp deleted successfully.
C:\Windows\Installer\MSI6E2E.tmp deleted successfully.
C:\Windows\Installer\MSI72AD.tmp deleted successfully.
C:\Windows\Installer\MSI7F2D.tmp deleted successfully.
C:\Windows\Installer\MSIB579.tmp deleted successfully.
C:\Windows\Installer\MSICAB0.tmp deleted successfully.
C:\Windows\Installer\MSIDCC6.tmp deleted successfully.
C:\Windows\Installer\MSIFD89.tmp deleted successfully.
Unable to delete ADS C:\Users\Jindra-Dell-modry\Documents:{1AA87861-906F-43B3-9815-7429EA2967F9} .

OTL by OldTimer - Version 3.2.65.1 log created on 09222012_215744

Files\Folders moved on Reboot...
C:\Users\Jindra-Dell-modry\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu.Pomalé pc i internet

#41 Příspěvek od Márty84 »

:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne delsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
jindra.paryzek
Návštěvník
Návštěvník
Příspěvky: 469
Registrován: 04 led 2007 12:37
Bydliště: Louny

Re: Prosím o kontrolu.Pomalé pc i internet

#42 Příspěvek od jindra.paryzek »

RogueKiller V8.0.4 [09/19/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jindra-Dell-modry [Práva správce]
Mód : Kontrola -- Datum : 09/22/2012 22:05:38

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{0143E901-B999-4DBD-A71F-62ED8684933C} : NameServer (160.218.161.60 194.228.211.33) -> NALEZENO
[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{0143E901-B999-4DBD-A71F-62ED8684933C} : NameServer (160.218.161.60 194.228.211.33) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK6465GSX ATA Device +++++
--- User ---
[MBR] 3ef32816c2c2321143f06a60d05d7426
[BSP] ad9e3439c5ddf0eac72be41aab10499b : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 610478 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu.Pomalé pc i internet

#43 Příspěvek od Márty84 »

:arrow: Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.
A jeste kliknete na Oprava DNS a Zprava.
I tento log bych rad videl
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
jindra.paryzek
Návštěvník
Návštěvník
Příspěvky: 469
Registrován: 04 led 2007 12:37
Bydliště: Louny

Re: Prosím o kontrolu.Pomalé pc i internet

#44 Příspěvek od jindra.paryzek »

RogueKiller V8.0.4 [09/19/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jindra-Dell-modry [Práva správce]
Mód : Odebrat -- Datum : 09/22/2012 22:14:30

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{0143E901-B999-4DBD-A71F-62ED8684933C} : NameServer (160.218.161.60 194.228.211.33) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{0143E901-B999-4DBD-A71F-62ED8684933C} : NameServer (160.218.161.60 194.228.211.33) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK6465GSX ATA Device +++++
--- User ---
[MBR] 3ef32816c2c2321143f06a60d05d7426
[BSP] ad9e3439c5ddf0eac72be41aab10499b : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 610478 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt
Nahoru
jindra.paryzek
Návštěvník
Návštěvník
Příspěvky: 469
Registrován: 04 led 2007 12:37
Bydliště: Louny

Re: Prosím o kontrolu.Pomalé pc i internet

#45 Příspěvek od jindra.paryzek »

RogueKiller V8.0.4 [09/19/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jindra-Dell-modry [Práva správce]
Mód : Oprava HOSTS -- Datum : 09/22/2012 22:15:25

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Resetovaný HOSTS: ¤¤¤


Dokončeno : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“