zpomalený, blue screen, sekání, padá internetové připojení

Zpráva

#16 Příspěvek od **Márty84** » 04 říj 2015 10:27

Defender zatim nereste, stejne je k nicemu a proto jsem ho chtel vypnout.

Pokracujte CFScriptem

hagal · #17 Příspěvek od **hagal** » 04 říj 2015 11:04

ComboFix 15-10-01.01 - John 04.10.2015 11:40:52.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.828 [GMT 2:00]
Spuštěný z: c:\users\John\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\John\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-09-04 do 2015-10-04 )))))))))))))))))))))))))))))))
.
.
2015-10-04 09:48 . 2015-10-04 09:53 -------- d-----w- c:\users\John\AppData\Local\temp
2015-10-04 09:48 . 2015-10-04 09:48 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-09-30 14:44 . 2015-10-02 14:16 -------- d-----w- C:\FRST
2015-09-29 20:36 . 2015-08-31 23:05 8884144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B69F53AF-465B-401B-AC20-E8E8C82A081F}\mpengine.dll
2015-09-29 15:13 . 2015-09-29 15:13 -------- d-----w- c:\programdata\Malwarebytes
2015-09-28 19:10 . 2015-09-21 18:23 57888 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-09-28 19:10 . 2015-09-21 18:23 157888 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2015-09-28 19:10 . 2015-09-21 18:23 434184 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-09-28 19:10 . 2015-09-21 18:23 208664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-09-28 19:10 . 2015-09-21 18:23 76000 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-09-28 19:10 . 2015-09-21 18:23 55200 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-09-28 19:10 . 2015-09-21 18:23 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-09-28 19:10 . 2015-09-21 18:23 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-09-28 19:10 . 2015-09-21 18:23 789296 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-09-28 19:10 . 2015-09-21 18:23 107984 ----a-w- c:\windows\system32\drivers\ngvss.sys
2015-09-28 19:10 . 2015-09-21 18:23 313472 ----a-w- c:\windows\system32\aswBoot.exe
2015-09-28 18:49 . 2015-09-28 18:50 -------- d-----w- C:\AdwCleaner
2015-09-28 11:24 . 2015-09-30 14:26 -------- d-----w- c:\program files\trend micro
2015-09-28 11:24 . 2015-09-28 11:25 -------- d-----w- C:\rsit
2015-09-23 14:46 . 2015-09-23 14:46 -------- d-----w- C:\snapshots
2015-09-21 18:23 . 2015-09-21 18:23 43112 ----a-w- c:\windows\avastSS.scr
2015-09-14 15:21 . 2014-05-22 12:46 116224 ----a-w- c:\windows\system32\drivers\tplinkUDSMBus.sys
2015-09-14 15:21 . 2014-05-22 12:42 180608 ----a-w- c:\windows\system32\drivers\tplinkUDSTcpBus.sys
2015-09-14 15:20 . 2015-09-14 15:20 -------- d-----w- c:\program files\TP-LINK
2015-09-12 23:19 . 2015-08-13 14:15 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2015-09-12 23:19 . 2015-08-13 14:15 102912 ----a-w- c:\windows\system32\drivers\srvnet.sys
2015-09-12 23:14 . 2015-08-05 15:58 940032 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-09-12 23:14 . 2015-08-05 14:24 1850880 ----a-w- c:\program files\Windows Journal\Journal.exe
2015-09-12 23:14 . 2015-08-05 15:59 1220608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2015-09-12 23:14 . 2015-08-05 15:58 985600 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2015-09-12 23:14 . 2015-08-05 15:58 967680 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2015-09-12 23:14 . 2015-09-02 21:26 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-09-12 23:14 . 2015-09-02 19:54 297472 ----a-w- c:\windows\system32\atmfd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-03 20:29 . 2012-05-12 21:15 780488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-10-03 20:29 . 2011-05-23 21:21 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-09-02 21:26 . 2015-09-12 23:18 1402368 ----a-w- c:\windows\system32\msxml6.dll
2015-09-02 21:26 . 2015-09-12 23:18 1253376 ----a-w- c:\windows\system32\msxml3.dll
2015-09-02 19:55 . 2015-09-12 23:14 2067456 ----a-w- c:\windows\system32\win32k.sys
2015-08-29 21:39 . 2014-09-15 16:18 97888 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-08-17 17:12 . 2015-09-09 18:15 1129472 ----a-w- c:\windows\system32\wininet.dll
2015-08-17 17:11 . 2015-09-09 18:15 422400 ----a-w- c:\windows\system32\vbscript.dll
2015-08-17 17:09 . 2015-09-09 18:15 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2015-08-05 15:59 . 2015-09-12 23:12 602112 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-04 22:03 . 2015-08-04 22:03 877152 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-08-04 22:03 . 2015-08-04 22:03 538208 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2015-07-31 21:46 . 2015-08-12 23:09 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-07-31 21:46 . 2015-08-12 23:09 189952 ----a-w- c:\windows\system32\d3d10core.dll
2015-07-31 21:46 . 2015-08-12 23:09 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2015-07-31 21:46 . 2015-08-12 23:09 1029120 ----a-w- c:\windows\system32\d3d10.dll
2015-07-31 20:41 . 2015-08-12 23:09 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-31 20:40 . 2015-08-12 23:09 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2015-07-31 20:35 . 2015-08-12 23:09 682496 ----a-w- c:\windows\system32\d2d1.dll
2015-07-31 20:33 . 2015-08-12 23:09 1072640 ----a-w- c:\windows\system32\DWrite.dll
2015-07-31 20:33 . 2015-08-12 23:09 802304 ----a-w- c:\windows\system32\FntCache.dll
2015-07-31 19:27 . 2015-08-12 23:28 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-21 20:55 . 2015-08-12 23:30 1206192 ----a-w- c:\windows\system32\ntdll.dll
2015-07-21 16:07 . 2015-08-12 23:30 56256 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-07-21 16:07 . 2015-08-12 23:30 3605440 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-07-21 16:07 . 2015-08-12 23:30 3553216 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-07-21 16:07 . 2015-08-12 23:30 140224 ----a-w- c:\windows\system32\drivers\ecache.sys
2015-07-21 16:03 . 2015-08-12 23:30 10752 ----a-w- c:\windows\system32\msmmsp.dll
2015-07-21 16:03 . 2015-08-12 23:30 564224 ----a-w- c:\windows\system32\emdmgmt.dll
2015-07-21 16:03 . 2015-08-12 23:30 49664 ----a-w- c:\windows\system32\csrsrv.dll
2015-07-18 16:03 . 2015-08-12 23:12 68608 ----a-w- c:\windows\system32\basesrv.dll
2015-07-10 19:37 . 2015-08-12 23:27 2067968 ----a-w- c:\windows\system32\mstscax.dll
2015-07-10 14:21 . 2015-09-12 23:15 2048 ----a-w- c:\windows\system32\tzres.dll
2015-07-09 14:25 . 2015-08-12 23:07 151040 ----a-w- c:\windows\system32\notepad.exe
2015-07-09 14:25 . 2015-08-12 23:07 151040 ----a-w- c:\windows\notepad.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-09-21 18:23 696120 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-02-22 159744]
"RtHDVCpl"="RtHDVCpl.exe" [2008-02-22 4907008]
"OEM13Mon.exe"="c:\windows\OEM13Mon.exe" [2008-07-17 36864]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-07-03 3563520]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2015-09-21 6134544]
"TP-LINK USB Printer Controller"="c:\program files\TP-LINK\USB Printer Controller\USB Printer Controller.exe" [2014-06-19 4265984]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^counter_widget.lnk]
path=c:\users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\counter_widget.lnk
backup=c:\windows\pss\counter_widget.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2009-11-18 14:13 54576 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2013-05-23 13:16 1561968 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2013-05-23 13:16 311152 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMail]
2008-02-21 20:22 453936 ----a-w- c:\program files\Seznam\Postak\Postak.exe
.
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2008-02-22 77824]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
bthaudiosvc REG_MULTI_SZ HFGService
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\bin\listicka.dll
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\sign
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojeplatba.cz\www
TCP: DhcpNameServer = 192.168.0.1
DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} - hxxps://download.seznam.cz/listicka/toolbar2007.cab
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(744)
c:\windows\System32\BCMLogon.dll
.
- - - - - - - > 'Explorer.exe'(2016)
c:\program files\Dell\QuickSet\dadkeyb.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\system32\WLANExt.exe
c:\windows\System32\bcmwltry.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\CSR\Vista Profile Pack\BthFilterHelper.exe
c:\program files\Nero\Update\NASvc.exe
c:\programdata\O2 Internet\OnlineUpdate\ouc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\conime.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
c:\windows\RtHDVCpl.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\windows\ehome\ehmsas.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2015-10-04 12:02:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-10-04 10:01
ComboFix2.txt 2015-10-02 22:06
.
Před spuštěním: Volných bajtů: 130 131 902 464
Po spuštění: Volných bajtů: 130 110 058 496
.
- - End Of File - - 63EF26933E98E89BDE5728BE8E6F60B1
5C616939100B85E558DA92B899A0FC36

#18 Příspěvek od **Márty84** » 04 říj 2015 11:09

Dejte novy log z FRST

hagal · #19 Příspěvek od **hagal** » 04 říj 2015 11:21

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-10-2015
Ran by John (administrator) on JOHN-PC (04-10-2015 12:14:44)
Running from C:\Users\John\Desktop
Loaded Profiles: John & UpdatusUser (Available Profiles: John & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(CSR, plc) C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
() C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avast Software) C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Creative Technology Ltd.) C:\Windows\OEM13Mon.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Creative Technology Ltd.) C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files\Seznam.cz\bin\postak.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_19_0_0_185_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [159744 2008-02-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4907008 2008-02-22] (Realtek Semiconductor)
HKLM\...\Run: [OEM13Mon.exe] => C:\Windows\OEM13Mon.exe [36864 2008-07-17] (Creative Technology Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-07-03] (Dell Inc.)
HKLM\...\Run: [DELL Webcam Manager] => C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6134544 2015-09-21] (AVAST Software)
HKLM\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe [4265984 2014-06-19] (TP-LINK)
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\...\Run: [Seznam Postak] => C:\Program Files\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-09-21] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-03] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-03] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2008-09-18]
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1D651EE7-24A3-4351-9694-4A78BDB7058E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{246B89A4-9736-48BE-84AB-23B4840AB4CE}: [DhcpNameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{9EC12395-9D94-46D2-A655-71B02EE5DA8E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{BC6E1306-1DAE-4C59-B20D-7855B1B55EFF}: [DhcpNameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{E7951E5B-7A6D-4931-9481-785EC0F7BF7E}: [DhcpNameServer] 160.218.161.60 194.228.211.33

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> DefaultScope {0D0E0895-8BE8-4DF0-ACA2-D2EF892012D9} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... FA_csCZ469
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {056E7B31-08BE-4A67-A882-29DA993B9026} URL = hxxp://slovnik.seznam.cz/?lg=cz_en&wd={searchTerms}&sourceid=SearchBox
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {0D0E0895-8BE8-4DF0-ACA2-D2EF892012D9} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... FA_csCZ469
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {0DD7FF3E-49D2-439D-8438-0CE800AA68B1} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=SearchBox
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {38e0850d-64b4-4845-bc68-51a177591474} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {51ab35b2-57fe-46e1-a199-549280b05a26} URL = hxxp://www.firmy.cz/phr/{searchTerms}?sourceid=QuickSearch_12
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {703885d6-51b5-4a9d-9751-59cc440c1826} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... kSearch_12
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {98674DCB-D91A-49EB-86CF-240D2EB669C2} URL = hxxp://cs.wikipedia.org/w/index.php?title=Speci%C3%A1ln%C3%AD:Search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {d2dc1ff3-f7ad-494a-aca8-6fe35170f586} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... kSearch_12
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-09-21] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29] (Oracle Corporation)
BHO: Lištička -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files\Seznam.cz\bin\listicka.dll [2011-12-12] ()
Toolbar: HKLM - Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll [2011-12-12] ()
Toolbar: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> Nástroje Lištičky - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - C:\Program Files\Seznam.cz\bin\listicka.dll [2011-12-12] ()
Toolbar: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/s ... ab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} hxxps://download.seznam.cz/listicka/toolbar2007.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab

FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2010-10-22] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Windows\system32\C2MP\npdivx32.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-02-29] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-02-29] (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2105 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll [2007-04-30] (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll [2007-04-30] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll [2007-04-30] (RealNetworks, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2740727072-2080102920-725536451-1000: @kb-ext.cz/PKIComponent -> C:\Users\John\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2013-12-06] (Komerční banka, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2007-07-12] (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-16]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-04-11]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-05-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2008-02-22] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-09-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [3219136 2015-09-21] (Avast Software)
R2 BthFilterHelper; C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe [127488 2006-11-07] (CSR, plc) [File not signed]
R2 HFGService; C:\Windows\System32\HFGService.dll [356864 2007-05-05] (CSR, plc)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-01-18] (Hewlett-Packard) [File not signed]
S2 O2 Internet. RunOuc; C:\Program Files\O2 Internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-01-18] (Hewlett-Packard) [File not signed]
S3 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [69632 2007-07-11] (MicroVision Development, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-07-03] (Dell Inc.) [File not signed]
S2 HWDeviceService.exe; "C:\ProgramData\DatacardService\HWDeviceService.exe" -/service [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-09-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-09-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-09-21] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-09-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [789296 2015-09-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [434184 2015-09-21] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [157888 2015-09-21] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-09-21] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-09-21] (AVAST Software)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-07-03] (Broadcom Corporation)
S3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [29184 2007-05-05] (CSR, plc)
S3 bthav; C:\Windows\System32\drivers\bthav.sys [36352 2007-05-05] (CSR, plc)
R3 BTHFILT; C:\Windows\System32\DRIVERS\BthFilt.sys [13824 2007-05-05] (CSR, plc)
S3 BTHprint; C:\Windows\System32\DRIVERS\bthprint.sys [29696 2009-04-11] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [96000 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [70272 2012-10-29] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [107984 2015-09-21] (AVAST Software)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 OEM13Vfx; C:\Windows\System32\DRIVERS\OEM13Vfx.sys [7424 2008-07-17] (EyePower Games Pte. Ltd.)
R3 OEM13Vid; C:\Windows\System32\DRIVERS\OEM13Vid.sys [235840 2008-07-17] (Creative Technology Ltd.)
R3 TPLINKUDSMBus; C:\Windows\System32\drivers\TplinkUDSMBus.sys [116224 2014-05-22] (Windows (R) Codename Longhorn DDK provider)
S3 tplinkUDSTcpBus; C:\Windows\System32\drivers\tplinkUDSTcpBus.sys [180608 2014-05-22] (Windows (R) Codename Longhorn DDK provider)
R2 VBoxAswDrv; C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [220752 2015-09-21] (Avast Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R3 catchme; \??\C:\ComboFix\catchme.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [249472 2012-04-20] (Huawei Technologies Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-04 12:14 - 2015-10-04 12:14 - 00000000 ____D C:\Users\John\Desktop\FRST-OlderVersion
2015-10-04 12:02 - 2015-10-04 12:02 - 00013439 _____ C:\ComboFix.txt
2015-10-02 23:51 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-10-02 23:51 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-10-02 23:51 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-02 23:51 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-02 23:51 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-02 23:51 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-10-02 23:51 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-10-02 23:51 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-10-02 23:50 - 2015-10-04 12:02 - 00000000 ____D C:\Qoobox
2015-10-02 23:49 - 2015-10-04 11:48 - 00000000 ____D C:\Windows\erdnt
2015-10-02 23:45 - 2015-10-02 23:45 - 05636125 ____R (Swearware) C:\Users\John\Desktop\ComboFix.exe
2015-10-02 16:17 - 2015-10-02 16:17 - 00011047 _____ C:\Users\John\Desktop\Addition.rar
2015-10-02 16:14 - 2015-10-02 16:16 - 00037790 _____ C:\Users\John\Desktop\Addition.txt
2015-10-02 16:13 - 2015-10-04 12:15 - 00019316 _____ C:\Users\John\Desktop\FRST.txt
2015-09-30 16:44 - 2015-10-04 12:14 - 00000000 ____D C:\FRST
2015-09-30 16:43 - 2015-10-04 12:14 - 01697280 _____ (Farbar) C:\Users\John\Desktop\FRST.exe
2015-09-30 16:24 - 2015-09-30 16:25 - 01107968 _____ C:\Users\John\Desktop\RSIT.exe
2015-09-29 21:41 - 2015-09-29 21:44 - 00000249 _____ C:\Users\John\Desktop\DiskInfo.ini
2015-09-29 21:41 - 2015-09-29 21:41 - 00000000 ____D C:\Users\John\Desktop\Smart
2015-09-29 21:41 - 2012-06-15 14:08 - 01149912 _____ (Crystal Dew World) C:\Users\John\Desktop\DiskInfo.exe
2015-09-29 21:41 - 2012-05-27 20:28 - 00000000 ____D C:\Users\John\Desktop\CdiResource
2015-09-29 21:41 - 2012-01-05 14:02 - 00001268 _____ C:\Users\John\Desktop\COPYRIGHT.txt
2015-09-29 21:41 - 2012-01-05 14:02 - 00001122 _____ C:\Users\John\Desktop\COPYRIGHT-ja.txt
2015-09-29 21:40 - 2015-09-29 21:40 - 01496172 _____ C:\Users\John\Desktop\CrystalDiskInfo5_0_0.zip
2015-09-29 20:25 - 2015-09-28 13:15 - 00163219 _____ C:\Users\John\Desktop\Mini092815-01.dmp
2015-09-29 20:25 - 2015-09-24 22:40 - 00163219 _____ C:\Users\John\Desktop\Mini092415-01.dmp
2015-09-29 20:22 - 2015-09-29 20:22 - 00001446 _____ C:\Users\John\Desktop\Malware.txt
2015-09-29 17:13 - 2015-09-29 17:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-28 21:10 - 2015-09-21 20:23 - 00789296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00434184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-28 21:10 - 2015-09-21 20:23 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00157888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00107984 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00055200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-28 21:10 - 2015-09-21 20:23 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-28 20:49 - 2015-09-28 20:50 - 00000000 ____D C:\AdwCleaner
2015-09-28 20:47 - 2015-09-28 20:47 - 01670656 _____ C:\Users\John\Desktop\adwcleaner_5.009.exe
2015-09-28 13:24 - 2015-09-30 16:26 - 00000000 ____D C:\Program Files\trend micro
2015-09-28 13:24 - 2015-09-28 13:25 - 00000000 ____D C:\rsit
2015-09-23 16:46 - 2015-09-23 16:46 - 00000000 ____D C:\snapshots
2015-09-21 20:23 - 2015-09-21 20:23 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-14 17:21 - 2014-05-22 14:46 - 00116224 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\tplinkUDSMBus.sys
2015-09-14 17:21 - 2014-05-22 14:42 - 00180608 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\tplinkUDSTcpBus.sys
2015-09-14 17:20 - 2015-09-14 17:20 - 00002016 _____ C:\Users\Public\Desktop\USB Printer Controller.lnk
2015-09-14 17:20 - 2015-09-14 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2015-09-14 17:20 - 2015-09-14 17:20 - 00000000 ____D C:\Program Files\TP-LINK
2015-09-13 01:19 - 2015-08-13 16:15 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-09-13 01:19 - 2015-08-13 16:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-09-13 01:18 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-13 01:18 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-13 01:15 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-13 01:14 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-13 01:14 - 2015-09-02 21:55 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-13 01:14 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-13 01:12 - 2015-08-05 17:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-13 00:31 - 2015-09-29 21:20 - 00000000 ____D C:\Windows\pss
2015-09-12 22:40 - 2015-10-03 22:53 - 00000043 _____ C:\Users\John\Desktop\Hochman.txt
2015-09-09 20:15 - 2015-08-17 19:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 20:15 - 2015-08-17 19:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 20:15 - 2015-08-17 19:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 20:15 - 2015-08-17 19:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 20:15 - 2015-08-17 19:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 20:15 - 2015-08-17 19:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 20:15 - 2015-08-17 19:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 20:15 - 2015-08-17 19:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 20:15 - 2015-08-17 19:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-09-09 20:15 - 2015-08-17 19:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-09-09 20:15 - 2015-08-17 19:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-09-09 20:15 - 2015-08-17 19:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-04 12:13 - 2008-09-18 22:46 - 01966088 _____ C:\Windows\WindowsUpdate.log
2015-10-04 11:52 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2015-10-04 11:50 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-04 11:49 - 2013-07-17 17:38 - 00310012 _____ C:\Windows\PFRO.log
2015-10-04 11:49 - 2008-09-18 21:17 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-04 11:49 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-04 11:49 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-04 11:48 - 2008-09-18 21:02 - 00003204 _____ C:\Windows\bthservsdp.dat
2015-10-04 11:48 - 2006-11-02 15:01 - 00032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-04 11:40 - 2012-02-12 21:27 - 00000000 ____D C:\Users\John\AppData\Roaming\Skype
2015-10-03 22:29 - 2012-05-12 23:15 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-03 22:29 - 2011-05-23 23:21 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-03 00:06 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2015-10-02 23:13 - 2008-10-26 03:25 - 00113664 _____ C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-02 21:09 - 2008-01-21 08:47 - 01532794 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-29 21:51 - 2013-06-28 22:13 - 00030818 _____ C:\Windows\setupact.log
2015-09-29 20:27 - 2010-01-01 18:38 - 00000000 ____D C:\Windows\Minidump
2015-09-28 21:18 - 2013-10-11 19:36 - 00012774 _____ C:\Windows\DPINST.LOG
2015-09-28 21:16 - 2010-06-06 11:23 - 00000000 ____D C:\ProgramData\Nokia
2015-09-28 21:16 - 2010-01-07 03:50 - 00000000 ____D C:\Program Files\Common Files\Nokia
2015-09-28 21:16 - 2008-10-28 23:56 - 00000000 ____D C:\Program Files\Nokia
2015-09-28 21:15 - 2012-12-31 16:07 - 00000000 ____D C:\Users\John\AppData\Roaming\Nokia Suite
2015-09-28 21:15 - 2009-01-08 17:01 - 00000000 ____D C:\Users\John\AppData\Roaming\Nokia
2015-09-28 21:11 - 2014-11-27 19:22 - 00001802 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-09-28 20:39 - 2010-01-23 17:06 - 00000000 ____D C:\Program Files\Spybot2
2015-09-28 20:39 - 2010-01-23 16:48 - 00000000 ____D C:\Program Files\Spybot
2015-09-28 20:38 - 2010-01-23 16:48 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-09-28 13:15 - 2008-09-19 06:27 - 00163219 _____ C:\Windows\Minidump\Mini092815-01.dmp
2015-09-24 22:40 - 2008-09-19 06:27 - 00163219 _____ C:\Windows\Minidump\Mini092415-01.dmp
2015-09-23 16:45 - 2014-11-29 22:02 - 00000000 ____D C:\Windows\system32\vbox
2015-09-20 18:18 - 2015-09-02 20:46 - 00001033 _____ C:\Users\John\Desktop\Šaty.txt
2015-09-17 20:27 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2015-09-14 20:37 - 2008-10-21 23:37 - 00000000 ____D C:\Users\John\Documents\Honzík
2015-09-14 17:21 - 2008-10-14 11:09 - 00000000 ____D C:\Users\John
2015-09-13 12:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-13 11:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-09-13 10:56 - 2006-11-02 14:47 - 00340224 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-13 10:53 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-13 01:18 - 2008-09-18 21:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-13 01:10 - 2013-09-17 19:03 - 00000000 ____D C:\Windows\system32\MRT
2015-09-13 00:37 - 2008-10-21 23:14 - 00000000 ____D C:\Instalačky
2015-09-09 20:29 - 2008-10-16 02:25 - 00002635 _____ C:\Users\John\Desktop\Word.lnk
2015-09-09 20:03 - 2015-08-29 23:04 - 00000000 ____D C:\Users\John\Desktop\Aukro deska

==================== Files in the root of some directories =======

2011-11-15 20:07 - 2011-11-15 20:07 - 0000000 _____ () C:\Users\John\AppData\Roaming\.NANotifyHere
2011-05-23 09:12 - 2014-08-11 10:02 - 0008592 _____ () C:\Users\John\AppData\Local\d3d9caps.dat
2008-10-26 03:25 - 2015-10-02 23:13 - 0113664 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-26 18:41 - 2013-10-11 19:52 - 0008704 _____ () C:\ProgramData\hpzinstall.log
2008-09-18 21:16 - 2012-03-24 21:46 - 0134376 _____ () C:\ProgramData\nvModes.001
2008-09-18 21:15 - 2012-03-24 21:46 - 0134376 _____ () C:\ProgramData\nvModes.dat
2013-09-17 20:02 - 2013-09-17 20:02 - 0001570 _____ () C:\ProgramData\QuickSet.xml

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-10-04 12:00

==================== End of FRST.txt ============================

#20 Příspěvek od **Márty84** » 06 říj 2015 14:03

Napiste mi velikost adresare plochy (C:\Users\John\Plocha)

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
BHO: Lištička -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files\Seznam.cz\bin\listicka.dll [2011-12-12] ()
Toolbar: HKLM - Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll [2011-12-12] ()
Toolbar: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> Nástroje Lištičky - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - C:\Program Files\Seznam.cz\bin\listicka.dll [2011-12-12] ()
Toolbar: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]

2015-09-29 20:22 - 2015-09-29 20:22 - 00001446 _____ C:\Users\John\Desktop\Malware.txt
2015-09-29 17:13 - 2015-09-29 17:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-28 20:39 - 2010-01-23 17:06 - 00000000 ____D C:\Program Files\Spybot2
2015-09-28 20:39 - 2010-01-23 16:48 - 00000000 ____D C:\Program Files\Spybot
2015-09-28 20:38 - 2010-01-23 16:48 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

Task: {679FC2A9-66C2-4B20-A8DF-493EE517CD7A} - System32\Tasks\{0EBBE6F7-B96A-4D56-845F-D647A6031809} => pcalua.exe -a C:\Instalačky\Spybot\download-spybotsd14.exe -d C:\Users\John\Desktop
Task: {E11B23BB-B0CA-4BAD-B3A1-DF3E7A4FDA78} - System32\Tasks\{EF3CF558-A84A-40BB-8F5D-D0FF25FCF858} => pcalua.exe -a "C:\Program Files\Seznam\Listicka\ToolbarInstaller.exe" -c /uninstall

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^counter_widget.lnk

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

hagal · #21 Příspěvek od **hagal** » 06 říj 2015 16:30

velikost adresáře plochy by měla být 81MB

Fix result of Farbar Recovery Scan Tool (x86) Version:04-10-2015
Ran by John (2015-10-06 17:14:34) Run:1
Running from C:\Users\John\Desktop
Loaded Profiles: John & UpdatusUser (Available Profiles: John & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
BHO: Lištička -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files\Seznam.cz\bin\listicka.dll [2011-12-12] ()
Toolbar: HKLM - Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll [2011-12-12] ()
Toolbar: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> Nástroje Lištičky - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - C:\Program Files\Seznam.cz\bin\listicka.dll [2011-12-12] ()
Toolbar: HKU\S-1-5-21-2740727072-2080102920-725536451-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]

2015-09-29 20:22 - 2015-09-29 20:22 - 00001446 _____ C:\Users\John\Desktop\Malware.txt
2015-09-29 17:13 - 2015-09-29 17:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-28 20:39 - 2010-01-23 17:06 - 00000000 ____D C:\Program Files\Spybot2
2015-09-28 20:39 - 2010-01-23 16:48 - 00000000 ____D C:\Program Files\Spybot
2015-09-28 20:38 - 2010-01-23 16:48 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

Task: {679FC2A9-66C2-4B20-A8DF-493EE517CD7A} - System32\Tasks\{0EBBE6F7-B96A-4D56-845F-D647A6031809} => pcalua.exe -a C:\Instalačky\Spybot\download-spybotsd14.exe -d C:\Users\John\Desktop
Task: {E11B23BB-B0CA-4BAD-B3A1-DF3E7A4FDA78} - System32\Tasks\{EF3CF558-A84A-40BB-8F5D-D0FF25FCF858} => pcalua.exe -a "C:\Program Files\Seznam\Listicka\ToolbarInstaller.exe" -c /uninstall

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^counter_widget.lnk

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-2740727072-2080102920-725536451-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
"HKU\S-1-5-21-2740727072-2080102920-725536451-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => key removed successfully.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}" => key removed successfully.
"HKCR\CLSID\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{1EA00BE1-6E54-4E2A-8099-680300BF23E1} => value removed successfully.
"HKCR\CLSID\{1EA00BE1-6E54-4E2A-8099-680300BF23E1}" => key removed successfully.
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => value removed successfully.
"HKCR\CLSID\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65}" => key removed successfully.
HKU\S-1-5-21-2740727072-2080102920-725536451-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
NAUpdate => service removed successfully.
catchme => service removed successfully.
pccsmcfd => service removed successfully.
AdobeARMservice => service removed successfully.
SkypeUpdate => service removed successfully.
C:\Users\John\Desktop\Malware.txt => moved successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\Program Files\Spybot2 => moved successfully
C:\Program Files\Spybot => moved successfully
C:\ProgramData\Spybot - Search & Destroy => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{679FC2A9-66C2-4B20-A8DF-493EE517CD7A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{679FC2A9-66C2-4B20-A8DF-493EE517CD7A}" => key removed successfully.
C:\Windows\System32\Tasks\{0EBBE6F7-B96A-4D56-845F-D647A6031809} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0EBBE6F7-B96A-4D56-845F-D647A6031809}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E11B23BB-B0CA-4BAD-B3A1-DF3E7A4FDA78}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E11B23BB-B0CA-4BAD-B3A1-DF3E7A4FDA78}" => key removed successfully.
C:\Windows\System32\Tasks\{EF3CF558-A84A-40BB-8F5D-D0FF25FCF858} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EF3CF558-A84A-40BB-8F5D-D0FF25FCF858}" => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage => key not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^counter_widget.lnk => key removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 632.2 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 17:18:11 ====

#22 Příspěvek od **Márty84** » 07 říj 2015 08:41

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada.

hagal · #23 Příspěvek od **hagal** » 08 říj 2015 16:06

Vše jsem provedl, výsledek není moc patrný. Počítač mi přijde malinko rychlejší, problém s vypnutím jsem naposledy zaregistroval po prvním použití Combofixu, od té doby se zatím problém neopakoval. Blue screen se taky neobjevil. Padání internetu ovšem stále přetrvává a navíc mi vznikl problém se vzdáleným tiskem přes router s usb tiskárnou - viz příloha.

Edit: Teď jsem dal uspat počítač zavřením víka a zamrzl... problém zřejmě stále přetrvává

#24 Příspěvek od **Márty84** » 09 říj 2015 21:22

Vyzkousejte, zda zamrzava i v nouzovem rezimu.

Zkontrolujte, zda se nezmenilo nastaveni (tiskarny/routeru)

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

hagal · #25 Příspěvek od **hagal** » 09 říj 2015 23:15

To zamrzání není pravidelný, nevím, jak vyzkoušet modelovou situaci, při které by mohl zamrznout.
V připadě tiskárny/routeru nevím, co mám hledat a jak poznat, co se změnilo.

OTL:
OTL logfile created on: 9.10.2015 22:50:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\John\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 42,91% Memory free
4,23 Gb Paging File | 2,69 Gb Available in Paging File | 63,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287,98 Gb Total Space | 128,79 Gb Free Space | 44,72% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,09 Gb Free Space | 50,86% Space Free | Partition Type: NTFS

Computer Name: JOHN-PC | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.10.09 22:48:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John\Desktop\OTL.exe
PRC - [2015.10.03 22:29:23 | 001,156,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_19_0_0_185_ActiveX.exe
PRC - [2015.09.21 20:23:43 | 006,134,544 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2015.09.21 20:23:36 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2015.09.21 20:23:01 | 003,219,136 | ---- | M] (Avast Software) -- C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
PRC - [2012.11.12 07:59:15 | 000,657,504 | ---- | M] () -- C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
PRC - [2012.03.01 01:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.02.29 22:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.02.29 22:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.02.29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.07.17 07:32:06 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM13Mon.exe
PRC - [2008.02.22 17:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008.02.22 07:25:06 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008.02.22 07:24:56 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008.02.22 07:24:54 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008.02.22 07:24:54 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008.02.22 07:14:22 | 004,907,008 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.22 07:14:18 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007.07.27 16:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
PRC - [2006.11.07 18:26:52 | 000,127,488 | ---- | M] (CSR, plc) -- C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe

========== Modules (No Company Name) ==========

MOD - [2015.09.21 20:23:54 | 040,539,648 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll
MOD - [2015.09.21 20:23:41 | 000,103,376 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\log.dll
MOD - [2015.09.21 20:23:37 | 000,123,976 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
MOD - [2015.09.13 01:03:37 | 011,909,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\cea79d1ef3a55a0b0b6d8e48fe79986e\System.Web.ni.dll
MOD - [2015.04.30 20:54:48 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\9ed54bd36f7a81d4731bb89a68d2331d\System.Runtime.Remoting.ni.dll
MOD - [2014.11.14 18:18:08 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cf2c94955471d68d3708b1fbf613ae46\System.ni.dll
MOD - [2014.09.15 20:14:55 | 011,496,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3444fbefcbd532181c499150ace644a4\mscorlib.ni.dll
MOD - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
MOD - [2011.12.12 15:52:58 | 000,822,816 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\email.4.dll
MOD - [2011.12.12 15:52:18 | 001,151,520 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\core.4.dll
MOD - [2008.07.03 14:28:14 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
MOD - [2007.06.04 10:30:00 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2007.05.22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2015.09.21 20:23:36 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2015.09.21 20:23:01 | 003,219,136 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2012.11.12 07:59:15 | 000,657,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files\O2 Internet\UpdateDog\ouc.exe -- (O2 Internet. RunOuc)
SRV - [2012.03.01 01:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2008.10.20 22:54:46 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008.02.22 07:14:18 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.05.05 19:51:12 | 000,356,864 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Windows\System32\HFGService.dll -- (HFGService)
SRV - [2006.11.07 18:26:52 | 000,127,488 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe -- (BthFilterHelper)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2015.09.21 20:23:57 | 000,157,888 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswStmXP.sys -- (aswStmXP)
DRV - [2015.09.21 20:23:57 | 000,057,888 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2015.09.21 20:23:56 | 000,434,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2015.09.21 20:23:56 | 000,208,664 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2015.09.21 20:23:56 | 000,076,000 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2015.09.21 20:23:56 | 000,055,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2015.09.21 20:23:56 | 000,049,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2015.09.21 20:23:56 | 000,024,016 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2015.09.21 20:23:17 | 000,789,296 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2015.09.21 20:23:13 | 000,107,984 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ngvss.sys -- (ngvss)
DRV - [2015.09.21 20:23:01 | 000,220,752 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - [2014.05.22 14:46:38 | 000,116,224 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tplinkUDSMBus.sys -- (TPLINKUDSMBus)
DRV - [2014.05.22 14:42:00 | 000,180,608 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tplinkUDSTcpBus.sys -- (tplinkUDSTcpBus)
DRV - [2013.05.02 06:23:50 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013.05.02 06:23:50 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.10.30 06:42:15 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2012.10.29 13:42:46 | 000,070,272 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV - [2012.08.20 02:54:19 | 000,027,520 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2012.08.20 02:54:18 | 000,096,000 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2012.08.20 02:54:18 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2012.03.01 01:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.07.27 03:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2009.04.11 06:43:07 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BTHPRINT.SYS -- (BTHprint)
DRV - [2008.07.17 07:32:12 | 000,235,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM13Vid.sys -- (OEM13Vid)
DRV - [2008.07.17 07:32:10 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM13Vfx.sys -- (OEM13Vfx)
DRV - [2008.07.03 14:28:02 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008.03.29 11:20:55 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008.03.29 11:20:55 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008.02.22 10:20:48 | 000,106,496 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.02.22 07:38:34 | 000,043,480 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2008.02.22 07:38:28 | 000,048,472 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008.02.22 07:24:52 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.01.21 04:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2008.01.21 04:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007.05.05 19:51:10 | 000,013,824 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BthFilt.sys -- (BTHFILT)
DRV - [2007.05.05 19:51:08 | 000,036,352 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthav.sys -- (bthav)
DRV - [2007.05.05 19:51:08 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAudioHF.sys -- (BthAudioHF)
DRV - [2006.11.02 09:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..\SearchScopes,DefaultScope = {0D0E0895-8BE8-4DF0-ACA2-D2EF892012D9}
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..\SearchScopes\{056E7B31-08BE-4A67-A882-29DA993B9026}: "URL" = http://slovnik.seznam.cz/?lg=cz_en&wd={ ... =SearchBox
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..\SearchScopes\{0D0E0895-8BE8-4DF0-ACA2-D2EF892012D9}: "URL" = http://www.google.cz/search?q={searchTe ... FA_csCZ469
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..\SearchScopes\{0DD7FF3E-49D2-439D-8438-0CE800AA68B1}: "URL" = http://www.mapy.cz/?query={searchTerms} ... =SearchBox
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..\SearchScopes\{38e0850d-64b4-4845-bc68-51a177591474}: "URL" = http://search.seznam.cz/?q={searchTerms ... kSearch_12
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..\SearchScopes\{51ab35b2-57fe-46e1-a199-549280b05a26}: "URL" = http://www.firmy.cz/phr/{searchTerms}?s ... kSearch_12
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..\SearchScopes\{703885d6-51b5-4a9d-9751-59cc440c1826}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... kSearch_12
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..\SearchScopes\{98674DCB-D91A-49EB-86CF-240D2EB669C2}: "URL" = http://cs.wikipedia.org/w/index.php?tit ... earchTerms}
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..\SearchScopes\{d2dc1ff3-f7ad-494a-aca8-6fe35170f586}: "URL" = http://www.mapy.cz/?query={searchTerms} ... kSearch_12
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Windows\system32\C2MP\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@kb-ext.cz/PKIComponent: C:\Users\John\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2015.09.28 21:10:18 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2015.10.06 17:15:22 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TP-LINK USB Printer Controller] C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe (TP-LINK)
O4 - HKU\S-1-5-21-2740727072-2080102920-725536451-1000..\Run: [Seznam Postak] C:\Program Files\Seznam.cz\bin\postak.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O15 - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..Trusted Domains: mojebanka.cz ([]https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..Trusted Domains: mojebanka.cz ([etrading] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..Trusted Domains: mojebanka.cz ([sign] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..Trusted Domains: mojeplatba.cz ([www] https in Důvěryhodné servery)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} https://download.seznam.cz/listicka/toolbar2007.cab (ToolbarInetInstall Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 11.60.2)
O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_51)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 11.60.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D651EE7-24A3-4351-9694-4A78BDB7058E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{246B89A4-9736-48BE-84AB-23B4840AB4CE}: DhcpNameServer = 194.228.211.33 160.218.161.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EC12395-9D94-46D2-A655-71B02EE5DA8E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC6E1306-1DAE-4C59-B20D-7855B1B55EFF}: DhcpNameServer = 194.228.211.33 160.218.161.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7951E5B-7A6D-4931-9481-785EC0F7BF7E}: DhcpNameServer = 160.218.161.60 194.228.211.33
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\John\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\John\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.03.27 20:27:29 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.at3 - C:\Windows\System32\atrac3.acm ()
Drivers32: msacm.divxa32 - C:\Windows\System32\divxa32.acm (Packed With Joy !)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\Windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.divx - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.hfyu - C:\Windows\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.vp60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp62 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.wmv3 - C:\Windows\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.10.09 22:48:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\John\Desktop\OTL.exe
[2015.10.07 21:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2015.10.07 21:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2015.10.07 21:18:32 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015.10.07 21:01:32 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2015.10.04 18:34:01 | 000,000,000 | ---D | C] -- C:\Users\John\Desktop\Fotky mobil
[2015.10.04 11:48:26 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\temp
[2015.10.02 23:49:29 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2015.09.28 21:10:43 | 000,434,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2015.09.28 21:10:43 | 000,208,664 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2015.09.28 21:10:43 | 000,157,888 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStmXP.sys
[2015.09.28 21:10:43 | 000,057,888 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2015.09.28 21:10:42 | 000,789,296 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2015.09.28 21:10:42 | 000,076,000 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2015.09.28 21:10:42 | 000,055,200 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2015.09.28 21:10:42 | 000,049,776 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2015.09.28 21:10:42 | 000,024,016 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2015.09.28 21:10:41 | 000,107,984 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\ngvss.sys
[2015.09.28 21:10:34 | 000,313,472 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2015.09.28 13:24:58 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.09.23 16:46:02 | 000,000,000 | ---D | C] -- C:\snapshots
[2015.09.21 20:23:42 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2015.09.14 17:21:18 | 000,180,608 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\tplinkUDSTcpBus.sys
[2015.09.14 17:21:18 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\tplinkUDSMBus.sys
[2015.09.14 17:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2015.09.14 17:20:26 | 000,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2015.09.13 01:15:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2015.09.13 01:14:10 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015.09.13 01:14:10 | 000,297,472 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2015.09.13 01:14:10 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2015.09.13 00:31:18 | 000,000,000 | ---D | C] -- C:\Windows\pss

========== Files - Modified Within 30 Days ==========

[2015.10.09 22:52:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.10.09 22:48:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John\Desktop\OTL.exe
[2015.10.09 22:46:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.10.09 21:18:10 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015.10.09 21:18:10 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015.10.08 19:49:12 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2015.10.08 17:05:34 | 000,030,524 | ---- | M] () -- C:\Users\John\Desktop\Problém tisk.jpg
[2015.10.08 16:58:17 | 000,645,320 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2015.10.08 16:58:17 | 000,634,484 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015.10.08 16:58:17 | 000,137,958 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2015.10.08 16:58:17 | 000,120,050 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015.10.08 05:43:34 | 000,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2015.10.07 21:22:09 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2015.10.07 21:09:43 | 000,000,766 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.10.06 17:15:22 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2015.10.03 22:29:25 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015.10.03 22:29:24 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015.10.02 23:13:13 | 000,113,664 | ---- | M] () -- C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015.09.28 21:11:20 | 000,001,802 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015.09.21 20:23:57 | 000,157,888 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStmXP.sys
[2015.09.21 20:23:57 | 000,057,888 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2015.09.21 20:23:56 | 000,434,184 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2015.09.21 20:23:56 | 000,208,664 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2015.09.21 20:23:56 | 000,076,000 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2015.09.21 20:23:56 | 000,055,200 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2015.09.21 20:23:56 | 000,049,776 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2015.09.21 20:23:56 | 000,024,016 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2015.09.21 20:23:42 | 000,313,472 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2015.09.21 20:23:42 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015.09.21 20:23:17 | 000,789,296 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2015.09.21 20:23:13 | 000,107,984 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\ngvss.sys
[2015.09.14 17:20:28 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\USB Printer Controller.lnk
[2015.09.13 10:56:00 | 000,340,224 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2015.10.09 22:52:42 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.10.08 17:05:34 | 000,030,524 | ---- | C] () -- C:\Users\John\Desktop\Problém tisk.jpg
[2015.10.07 21:22:09 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2015.09.14 17:20:28 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\USB Printer Controller.lnk
[2013.09.17 20:02:49 | 000,001,570 | ---- | C] () -- C:\ProgramData\QuickSet.xml
[2011.11.15 20:07:42 | 000,000,000 | ---- | C] () -- C:\Users\John\AppData\Roaming\.NANotifyHere
[2011.05.23 09:12:46 | 000,008,592 | ---- | C] () -- C:\Users\John\AppData\Local\d3d9caps.dat
[2008.10.26 03:25:40 | 000,113,664 | ---- | C] () -- C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.18 21:16:21 | 000,134,376 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.09.18 21:15:53 | 000,134,376 | ---- | C] () -- C:\ProgramData\nvModes.dat

========== ZeroAccess Check ==========

[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.07.11 17:56:09 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2015.03.27 20:37:32 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Autodesk
[2013.12.07 14:36:32 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\AVAST Software
[2009.11.05 19:14:25 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\BSplayer
[2009.04.24 11:18:58 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\BSplayer Pro
[2013.10.11 19:23:30 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\FreeCommander
[2010.01.23 16:47:09 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\GetRightToGo
[2015.08.10 21:27:01 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\GHISLER
[2014.02.05 22:54:11 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\ICQ
[2015.08.10 21:27:01 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\IrfanView
[2013.12.26 14:46:57 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\KB-ext
[2015.09.28 21:15:43 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Nokia
[2010.10.16 09:27:55 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Nokia Ovi Suite
[2015.09.28 21:15:43 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Nokia Suite
[2010.01.06 13:00:42 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PC Suite
[2013.06.28 23:05:10 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Samsung
[2008.10.26 03:20:42 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\tmp
[2009.07.24 23:48:47 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2006.11.02 15:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 15:01:49 | 000,032,518 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< >

< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\erdnt\cache\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.09.19 06:34:28 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.09.19 06:34:28 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\erdnt\cache\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.09.19 06:34:27 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 04:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\erdnt\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2013.10.03 15:16:48 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=165E9D93A84A7F55EBEEB1B554110680 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23235_none_78542a95b127239a\cryptsvc.dll
[2013.04.24 06:00:30 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=3EDE4C1F9672C972479201544969ADCB -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_77c6b0b4980cf0e4\cryptsvc.dll
[2013.04.17 14:30:06 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=58CEF2D243575512657452B9E89A2E1F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18827_none_77d7825c97ff6cfd\cryptsvc.dll
[2013.07.08 06:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\erdnt\cache\cryptsvc.dll
[2013.07.08 06:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\System32\cryptsvc.dll
[2013.07.08 06:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_7790a11898357c99\cryptsvc.dll
[2008.01.21 04:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2012.04.23 18:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=75C6A297E364014840B48ECCD7525E30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[2013.07.08 04:50:53 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=828805E2E7F529B24849AD52740288DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_783d888db13844fe\cryptsvc.dll
[2012.04.23 16:48:06 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=C979AEA8C4D8F875CD25507D08980006 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[2013.04.17 13:28:51 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=CC8E2C87016A07892B5448D764BF8A30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23097_none_781547d5b15603a0\cryptsvc.dll
[2012.06.02 13:09:26 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=DD9CCF40ED80DD0D62F1B607A1EA4449 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[2012.06.02 02:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=F1E8C34892336D33EDDCDFE44E474F64 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[2013.04.24 05:46:45 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=FBE051C07C3D2B9011ECB1C7A73120C1 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_7870974bb1126d44\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\erdnt\cache\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTOR.SYS >
[2008.03.18 15:59:36 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Drivers\storage\R179638\iastor.sys
[2008.03.18 15:59:36 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\System32\drivers\iaStor.sys
[2008.03.18 15:59:36 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_cfa1dde4\iaStor.sys
[2008.03.18 15:59:36 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_ec8a8d1b\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2015.06.27 16:20:12 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2DCDD1B84875C0D5404173EC3B00E454 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23737_none_a8a1260573213258\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2015.04.30 16:19:51 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=474FDD99DB6012E21405AAEE8DA61546 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23683_none_a867135b734d5b8a\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2012.06.02 00:37:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=613DEB66A91820F0A41915B40BB8833F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2014.10.11 01:21:41 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=86C519D59C70327434641E862A70B52B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23521_none_a8a5f069731e840f\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\erdnt\cache\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\System32\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.19214_none_a82a209c59f61a0b\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.19284_none_a7de71285a2edda2\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.19431_none_a81183b25a090036\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2015.03.06 04:16:32 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=ACAC4085ECDA9A35ED621936D67DB9D4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23640_none_a88f522d732f9fc1\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2014.12.03 02:23:58 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=C4AA089041242987308AE2A7B30E910A -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23555_none_a88981cd73333d3e\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2011.11.16 15:57:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=EBFAEB786C46B407930811F94F08877D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\erdnt\cache\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2008.02.08 06:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys
[2008.02.08 06:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\erdnt\cache\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\erdnt\cache\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2013.07.08 03:18:50 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=18CE0D0DCB7AF0D3E67ECF12BDE1382D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23154_none_ae7897262f9a96cf\smss.exe
[2015.03.13 02:10:36 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=363FBAC6FECBD86D1795EE69B342DA30 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23654_none_ae78a0a42f9a8892\smss.exe
[2013.03.09 03:16:53 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=44A40B18D9F6315D35F4539A41ECDE0D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23076_none_ae64f5fc2fa90438\smss.exe
[2008.01.21 04:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2015.07.21 16:15:47 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=97BDD5240706720FA47B7F8F904EE87E -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23762_none_ae6bd20a2fa46efc\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2013.05.02 03:27:42 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=AF2F8F104F119DD10AFA8B54A006F1B6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23103_none_aeada6782f72f1c3\smss.exe
[2015.01.09 02:18:11 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=B5C66E0B251D954D6CED30E4FDB07792 -- C:\Windows\System32\smss.exe
[2015.01.09 02:18:11 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=B5C66E0B251D954D6CED30E4FDB07792 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.19279_none_adde5fc11688a7e8\smss.exe
[2013.03.09 03:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18805_none_ae2630391653543e\smss.exe
[2015.07.18 16:16:27 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=E999B040E681E143171F3F8925899934 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23761_none_ae6ad1c02fa555a5\smss.exe
[2015.02.26 02:16:47 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=EF4707EB97B522B1FBC447654DC4F1F2 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23636_none_ae9041102f88835e\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\erdnt\cache\svchost.exe
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.09.19 06:35:20 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2013.05.08 05:40:36 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=078218D74C4EFC2CE7E4C6DF22A94F2F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23106_none_b59411ab7ca4df04\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012.03.30 14:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2013.01.04 13:28:19 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=3535CD93F944C00F098E73E12EE7FEB6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2013.05.08 06:37:21 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=548E198BAE21EFC21F8B5F0C1728AD27 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18835_none_b4e92aca63a0494d\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2013.07.05 05:20:37 | 000,914,880 | ---- | M] (Microsoft Corporation) MD5=6D0D344F643E28B31262AC2682109A3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23152_none_b55a00e77cd1055d\tcpip.sys
[2013.01.04 13:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008.09.19 06:35:20 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2014.04.05 05:23:10 | 000,915,392 | ---- | M] (Microsoft Corporation) MD5=A4196D394207369E1431E8681B373312 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23370_none_b54264477ce304df\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2014.04.05 04:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\Windows\erdnt\cache\tcpip.sys
[2014.04.05 04:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 04:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.19080_none_b4adf3c463cd86b8\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2013.07.05 06:53:33 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=D18D53974FD715D50FC76F9FFE1C830D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18880_none_b4ae19bc63cd564f\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2012.03.30 14:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008.01.21 04:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\erdnt\cache\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\erdnt\cache\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\erdnt\cache\ws2_32.dll
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[26 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.05.05 10:05:54 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Adobe
[2015.03.27 20:37:32 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Autodesk
[2013.12.07 14:36:32 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\AVAST Software
[2009.11.05 19:14:25 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\BSplayer
[2009.04.24 11:18:58 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\BSplayer Pro
[2008.10.22 07:08:35 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Creative
[2008.10.14 11:10:41 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Dell
[2012.07.27 19:55:55 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\DivX
[2013.10.11 19:23:30 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\FreeCommander
[2010.01.23 16:47:09 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\GetRightToGo
[2015.08.10 21:27:01 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\GHISLER
[2011.10.17 20:10:30 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\HP
[2011.10.25 17:10:13 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\HpUpdate
[2014.02.05 22:54:11 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\ICQ
[2008.10.14 11:10:18 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Identities
[2015.08.10 21:27:01 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\IrfanView
[2013.12.26 14:46:57 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\KB-ext
[2008.10.21 19:57:59 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Media Center Programs
[2013.10.11 19:13:26 | 000,000,000 | --SD | M] -- C:\Users\John\AppData\Roaming\Microsoft
[2011.11.16 00:40:20 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Nero
[2015.09.28 21:15:43 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Nokia
[2010.10.16 09:27:55 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Nokia Ovi Suite
[2015.09.28 21:15:43 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Nokia Suite
[2010.01.06 13:00:42 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PC Suite
[2010.08.18 11:51:46 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Real
[2008.10.26 03:20:43 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Reallusion
[2008.10.16 01:32:47 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Roxio
[2013.06.28 23:05:10 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Samsung
[2015.10.04 11:40:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Skype
[2015.08.29 23:40:12 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Sun
[2008.10.26 03:20:42 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\tmp
[2013.11.13 00:25:00 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Winamp
[2008.10.20 22:08:08 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\WinRAR
[2009.07.24 23:48:47 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2008.04.01 12:51:06 | 000,691,717 | ---- | M] () -- C:\Users\John\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2008.03.29 17:42:00 | 000,103,424 | ---- | M] () -- C:\Users\John\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2008.03.29 17:42:02 | 000,335,872 | ---- | M] () -- C:\Users\John\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2008.03.29 17:41:54 | 000,135,168 | ---- | M] () -- C:\Users\John\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2008.06.10 09:11:02 | 000,041,412 | ---- | M] () -- C:\Users\John\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2013.12.26 14:45:55 | 001,175,960 | ---- | M] () -- C:\Users\John\AppData\Roaming\KB-ext\lib\unins000.exe
[2014.03.15 17:00:08 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\John\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2009.12.06 19:17:34 | 001,961,720 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\John\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2012.01.16 15:00:10 | 071,063,688 | ---- | M] () -- C:\Users\John\AppData\Roaming\Nokia\Ovi Suite\Software Updater\NokiaOviSuite2Installer.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015.10.09 23:18:46 | 000,003,616 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015.10.09 23:18:46 | 000,003,616 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015.10.08 16:58:17 | 000,137,958 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2015.10.08 16:58:17 | 000,120,050 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2015.10.08 16:58:17 | 000,645,320 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2015.10.08 16:58:17 | 000,634,484 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2015.10.08 16:58:17 | 001,532,794 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.21 04:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Seznam Postak" = "C:\Program Files\Seznam.cz\bin\postak.exe" -s -- [2012.01.10 16:16:10 | 000,491,040 | ---- | M] ()

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.10.09 22:52:42 | 000,000,512 | ---- | M] () MD5=ECAF978CCF12412F5A0618756BA2B9F2 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014.01.13 21:03:42 | 290,649,402 | ---- | M] () -- \Instalačky\Autocad\AutoCAD-2006-CZ-+-CRACK.rar
[2006.09.22 00:26:00 | 005,558,483 | ---- | M] () -- \Script\Music\ABBA\1981 - The Visitors\01 Visitors (Crackin' Up).mp3

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2011.02.03 22:31:17 | 000,022,240 | ---- | M] () -- \Autodesk\DWGTrueViewx86InstallImage\x86\dwgviewr\Program Files\DWG TrueView 2012\AecLoader.arx
[2015.09.21 20:23:34 | 000,072,440 | ---- | M] () -- \Program Files\Alwil Software\Avast5\aswWrcIELoader32.exe
[2007.01.31 01:07:46 | 000,027,752 | ---- | M] () -- \Program Files\AutoCAD 2008\AecLoader.arx
[2011.02.03 22:31:17 | 000,022,240 | ---- | M] () -- \Program Files\Autodesk\DWG TrueView 2012\AecLoader.arx
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.05.23 15:13:44 | 000,069,120 | ---- | M] () -- \Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2006.12.23 17:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2007.01.31 01:07:46 | 000,027,752 | ---- | M] () -- \Programy\AutoCAD 2008 CZ\Program Files\Root\AECLOADER.ARX
[2015.10.08 17:27:39 | 000,006,494 | ---- | M] () -- \Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NNC2C92P\ajax-product-loader[1].gif
[2015.10.08 17:29:52 | 000,008,581 | ---- | M] () -- \Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OTMES6QG\bx_loader[1].gif
[2015.10.08 16:54:13 | 000,018,876 | ---- | M] () -- \Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OTMES6QG\loader[1].js
[2015.07.23 17:09:34 | 000,072,638 | ---- | M] () -- \Users\John\AppData\Local\Skype\Apps\login\images\loader.gif
[2015.07.23 17:09:34 | 000,003,032 | ---- | M] () -- \Users\John\AppData\Local\Skype\Apps\login\images\loader.png
[2015.07.23 17:09:34 | 000,006,012 | ---- | M] () -- \Users\John\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2015.07.23 17:09:34 | 000,021,956 | ---- | M] () -- \Users\John\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2015.07.23 17:09:34 | 000,009,772 | ---- | M] () -- \Users\John\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2008.09.18 21:13:49 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2014.10.27 16:30:33 | 000,188,928 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common4f49951d#\2f98aad5af44a9b0a37a79492fb10ab1\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
[2014.10.27 16:30:33 | 000,001,892 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common4f49951d#\2f98aad5af44a9b0a37a79492fb10ab1\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll.aux
[2008.01.21 04:23:37 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2007.07.03 01:00:00 | 000,077,824 | ---- | M] () -- \Windows\System32\UMLoader.dll
[2010.10.22 13:43:22 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.01.21 08:45:35 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.01.21 08:45:35 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008.01.21 08:45:35 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2009.11.07 22:33:15 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2009.11.07 22:33:15 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2009.11.07 22:33:15 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008.01.21 04:26:48 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 04:26:48 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.09.19 06:35:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.09.19 06:35:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.09.19 06:34:59 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.09.19 06:35:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.09.19 06:34:59 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.09.19 06:35:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.09.19 06:35:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.09.19 06:35:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.09.19 06:35:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.09.19 06:34:59 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.09.19 06:35:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.09.19 06:34:59 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.09.19 06:35:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.09.19 06:35:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.21 08:38:38 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.09.19 06:35:01 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.09.19 06:35:01 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.21 04:20:53 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.09.19 06:35:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.09.19 06:35:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.21 04:19:11 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 04:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.21 04:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

hagal · #26 Příspěvek od **hagal** » 09 říj 2015 23:17

pokračování OTL:

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2006.11.28 20:35:14 | 000,002,274 | ---- | M] () -- \Program Files\AutoCAD 2008\WebDepot\RTSerialNumberHelp.html
[2015.07.28 01:47:54 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.40728.0\System.Runtime.Serialization.dll
[2015.08.13 01:30:24 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.40728.0\System.Runtime.Serialization.ni.dll
[2014.07.10 00:14:57 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2006.11.28 20:35:14 | 000,002,274 | ---- | M] () -- \Programy\AutoCAD 2008 CZ\cs-CZ\Acad\Program Files\Root\WebDepot\RTSerialNumberHelp.html
[2006.11.28 20:35:14 | 000,002,274 | ---- | M] () -- \Programy\AutoCAD 2008 CZ\support\NSA\Program Files\NLM\NLA\csy\WebDepot\RTSerialNumberHelp.html
[2006.03.16 16:50:38 | 000,000,131 | ---- | M] () -- \Programy\Slovník\PC-Translator 2000\crack\Serial.txt
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 00:18:10 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.07.10 00:14:57 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.11.14 18:23:03 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\0c230d2ecb6492180563ea1811cae3d6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.11.14 18:23:34 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\0da6b8070bd799d25d8a0add408201e8\System.Runtime.Serialization.ni.dll
[2014.09.15 18:25:28 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.09.15 18:25:28 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.10.27 16:23:31 | 002,822,144 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
[2014.10.27 16:23:31 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll.aux
[2014.03.15 17:45:59 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.03.15 17:45:58 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2013.09.11 23:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\271D3094BCCDF293393A43ACD974EFD3\4.5.50938\System.Runtime.Serialization.dll.x86
[2013.09.11 23:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\271D3094BCCDF293393A43ACD974EFD3\4.5.50938\System.Runtime.Serialization.dll_gac_x86
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014.06.24 00:18:10 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.07.10 00:14:57 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.01.21 04:23:51 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2008.01.21 08:44:02 | 000,005,632 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2008.01.21 08:42:01 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\grserial.sys.mui
[2008.01.21 08:42:02 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2008.01.21 04:23:26 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006.11.02 09:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008.01.21 04:23:01 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006.11.02 10:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008.01.21 04:23:22 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2009.11.07 22:33:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2009.11.07 22:33:20 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2008.01.21 08:45:31 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c_serialui.dll.mui_7d29d2a3
[2009.11.07 22:33:38 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006.11.02 14:33:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2008.06.23 04:05:53 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1.manifest
[2008.06.23 04:02:26 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d.manifest
[2008.01.21 04:21:15 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2008.06.23 04:40:19 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94.manifest
[2008.06.23 03:58:46 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e.manifest
[2009.04.11 00:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010.04.12 20:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2012.10.08 18:24:13 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c.manifest
[2014.07.02 00:20:17 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19134_none_d20164d3b885f0af.manifest
[2014.07.14 03:48:49 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19142_none_d20292adb884d6c4.manifest
[2010.04.12 21:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2012.10.08 17:03:48 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd.manifest
[2014.07.01 23:23:31 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23436_none_bb33903bd22d8499.manifest
[2014.07.14 02:50:45 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23445_none_bb34a74dd22c844f.manifest
[2008.01.21 08:38:00 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d.manifest
[2006.11.02 14:39:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2008.06.23 04:30:17 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16708_en-us_bb0dd4d302de58ed.manifest
[2008.08.14 07:39:56 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8.manifest
[2008.06.23 04:23:53 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20864_en-us_a4468aef1c7fea79.manifest
[2008.08.14 07:23:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d.manifest
[2008.01.21 08:38:23 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9.manifest
[2008.06.23 04:32:13 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18096_en-us_baf300e9032715c0.manifest
[2008.08.14 10:36:16 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979.manifest
[2008.06.23 04:09:44 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22208_en-us_a41c29db1cd6c54a.manifest
[2008.08.14 09:03:05 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f.manifest
[2009.04.11 11:04:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed.manifest
[2010.04.13 00:15:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418.manifest
[2010.04.12 19:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2012.10.08 21:37:20 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666.manifest
[2012.10.08 18:20:22 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_en-us_bac5ddaf03806178.manifest
[2014.07.02 01:14:29 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_cs-cz_5facab8cc7d210c9.manifest
[2014.07.02 00:10:09 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_en-us_bac925a3037d5bdb.manifest
[2014.07.14 05:31:05 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19142_cs-cz_5fadd966c7d0f6de.manifest
[2014.07.14 03:42:29 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19142_en-us_baca537d037c41f0.manifest
[2010.04.13 00:51:48 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28.manifest
[2010.04.12 20:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2012.10.08 18:22:39 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7.manifest
[2012.10.08 17:00:20 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_en-us_a3fc65831d23f3e9.manifest
[2014.07.02 01:23:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_cs-cz_48ded6f4e179a4b3.manifest
[2014.07.01 23:17:43 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_en-us_a3fb510b1d24efc5.manifest
[2014.07.14 05:15:40 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23445_cs-cz_48dfee06e178a469.manifest
[2014.07.14 02:39:45 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23445_en-us_a3fc681d1d23ef7b.manifest
[2006.11.02 14:33:50 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2008.06.23 04:05:31 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4.manifest
[2008.06.23 04:02:01 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080.manifest
[2008.01.21 04:21:15 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2008.06.23 04:39:55 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7.manifest
[2008.06.23 03:58:14 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51.manifest
[2009.04.11 00:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010.04.12 20:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2012.10.08 18:23:59 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f.manifest
[2014.07.02 00:20:09 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19134_none_02449a6de02cf1e2.manifest
[2014.07.14 03:48:41 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19142_none_0245c847e02bd7f7.manifest
[2010.04.12 21:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2012.10.08 17:03:34 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0.manifest
[2014.07.01 23:23:24 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23436_none_eb76c5d5f9d485cc.manifest
[2014.07.14 02:50:38 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23445_none_eb77dce7f9d38582.manifest
[2006.11.02 12:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008.01.21 04:20:08 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009.04.11 00:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006.11.02 12:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006.11.02 14:33:50 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2008.06.23 04:08:38 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936.manifest
[2008.06.23 04:05:46 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2.manifest
[2008.01.21 04:21:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2008.06.23 04:43:41 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609.manifest
[2008.06.23 04:02:24 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593.manifest
[2009.04.11 00:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010.04.12 20:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2012.10.08 18:26:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1.manifest
[2014.07.02 00:21:17 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19134_none_071f463b21038c24.manifest
[2014.07.14 03:49:45 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19142_none_0720741521027239.manifest
[2010.04.12 21:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2012.10.08 17:05:32 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432.manifest
[2014.07.01 23:24:24 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23436_none_f05171a33aab200e.manifest
[2014.07.14 02:51:36 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23445_none_f05288b53aaa1fc4.manifest
[2006.10.20 03:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 20:00:27 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16720_none_4838f505237d831c\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 19:55:55 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.20883_none_31710ba93d1fc80f\System.Runtime.Serialization.Formatters.Soap.dll
[2008.01.21 04:23:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 20:03:15 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18111_none_4813d9bb23cf8fbd\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 19:58:35 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.22230_none_31484a573d7508d0\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.30 06:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:18:10 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.19134_none_47f18f01241f2064\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:18:07 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.23436_none_3123ba693dc6b44e\System.Runtime.Serialization.Formatters.Soap.dll
[2008.01.21 08:40:03 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16386_cs-cz_0167850d1d10bca1\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.13 00:57:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16754_cs-cz_0164b12f1d133e9e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.13 00:56:42 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.20921_cs-cz_ea944dc536bd060d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.01.21 08:43:32 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18000_cs-cz_013c06c91d68656d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.16 00:24:37 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18145_cs-cz_013f95e51d654b3f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.16 00:25:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.22269_cs-cz_ea739499370b4477\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.18005_cs-cz_01178c051db9f981\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.19134_cs-cz_011aa56d1db7295d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.23436_cs-cz_ea4cd0d5375ebd47\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2006.11.02 14:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2008.06.20 03:17:50 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1\System.Runtime.Serialization.dll
[2008.06.20 03:12:45 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d\System.Runtime.Serialization.dll
[2008.01.21 04:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2008.06.20 03:14:31 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94\System.Runtime.Serialization.dll
[2008.06.20 03:13:19 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e\System.Runtime.Serialization.dll
[2009.02.18 20:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010.04.12 14:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2012.10.08 13:01:09 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c\System.Runtime.Serialization.dll
[2014.06.27 00:17:19 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19134_none_d20164d3b885f0af\System.Runtime.Serialization.dll
[2014.07.10 00:14:57 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19142_none_d20292adb884d6c4\System.Runtime.Serialization.dll
[2010.04.12 14:22:49 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2012.10.08 12:59:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd\System.Runtime.Serialization.dll
[2014.06.21 00:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23436_none_bb33903bd22d8499\System.Runtime.Serialization.dll
[2014.07.11 00:16:50 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23445_none_bb34a74dd22c844f\System.Runtime.Serialization.dll
[2008.01.21 08:42:34 | 000,081,920 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:12:07 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:12:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d\System.RunTime.Serialization.Resources.dll
[2008.01.21 08:43:27 | 000,086,016 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:15:53 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:16:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_cs-cz_5facab8cc7d210c9\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19142_cs-cz_5fadd966c7d0f6de\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_cs-cz_48ded6f4e179a4b3\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23445_cs-cz_48dfee06e178a469\System.RunTime.Serialization.Resources.dll
[2006.11.02 14:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2008.06.20 03:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4\System.Runtime.Serialization.dll
[2008.06.20 03:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080\System.Runtime.Serialization.dll
[2008.01.21 04:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2008.06.20 03:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7\System.Runtime.Serialization.dll
[2008.06.20 03:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51\System.Runtime.Serialization.dll
[2009.02.18 20:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010.04.12 14:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2012.10.08 13:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f\System.Runtime.Serialization.dll
[2014.06.27 00:17:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19134_none_02449a6de02cf1e2\System.Runtime.Serialization.dll
[2014.07.10 00:14:57 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19142_none_0245c847e02bd7f7\System.Runtime.Serialization.dll
[2010.04.12 14:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2012.10.08 12:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0\System.Runtime.Serialization.dll
[2014.06.21 00:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23436_none_eb76c5d5f9d485cc\System.Runtime.Serialization.dll
[2014.07.11 00:16:50 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23445_none_eb77dce7f9d38582\System.Runtime.Serialization.dll
[2008.01.21 08:42:02 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_f15fa7f9f28d5343\serial.sys.mui
[2008.01.21 04:23:26 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2008.01.21 08:41:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_bdf5a8f7ae6b024a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.13 00:57:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16754_cs-cz_be141fbfae547065\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.13 00:56:42 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.20921_cs-cz_bebb2d56c75c6d7e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.01.21 08:43:48 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_c02c6af3ab56131e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.16 00:24:37 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18145_cs-cz_c0062e9bab71febc\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.16 00:25:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.22269_cs-cz_c07e2cb6c49c3bc4\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_c217e3ffa877de6a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.19134_cs-cz_c1f65f0fa8912fae\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.23436_cs-cz_c282003ac1acfc74\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.01.21 08:41:55 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_4c341f95e6bfb3a8\serialui.dll.mui
[2008.01.21 08:44:02 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c\serialui.dll.mui
[2008.01.21 04:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008.01.21 04:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2008.01.21 08:42:31 | 000,081,920 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_5b3d50955593c887\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:12:07 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16730_cs-cz_5b6d660d55709964\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:12:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.20895_cs-cz_5bbb24c26eba5f87\System.RunTime.Serialization.Resources.dll
[2008.01.21 08:43:24 | 000,086,016 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_5d741291527ed95b\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:15:53 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18121_cs-cz_5d5f74e9528e27bb\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:16:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.22243_cs-cz_5dd572706bba3215\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_5f5f8b9d4fa0a4a7\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.19134_cs-cz_5f3e06ad4fb9f5eb\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.23436_cs-cz_5fc9a7d868d5c2b1\System.RunTime.Serialization.Resources.dll
[2008.01.21 08:40:22 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_c27f608a4f515351\serial.sys.mui
[2008.01.21 04:23:01 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2008.01.21 08:42:01 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_b4070b50f198e261\grserial.sys.mui
[2008.01.21 04:23:22 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006.11.02 14:36:02 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2008.06.20 03:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936\System.Runtime.Serialization.dll
[2008.06.20 03:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2\System.Runtime.Serialization.dll
[2008.01.21 04:25:21 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2008.06.20 03:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609\System.Runtime.Serialization.dll
[2008.06.20 03:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593\System.Runtime.Serialization.dll
[2009.02.18 20:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010.04.12 14:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2012.10.08 13:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1\System.Runtime.Serialization.dll
[2014.06.27 00:17:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19134_none_071f463b21038c24\System.Runtime.Serialization.dll
[2014.07.10 00:14:57 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19142_none_0720741521027239\System.Runtime.Serialization.dll
[2010.04.12 14:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll
[2012.10.08 12:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432\System.Runtime.Serialization.dll
[2014.06.21 00:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23436_none_f05171a33aab200e\System.Runtime.Serialization.dll
[2014.07.11 00:16:50 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23445_none_f05288b53aaa1fc4\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

hagal · #27 Příspěvek od **hagal** » 09 říj 2015 23:18

Extras:

OTL Extras logfile created on: 9.10.2015 22:50:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\John\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 42,91% Memory free
4,23 Gb Paging File | 2,69 Gb Available in Paging File | 63,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287,98 Gb Total Space | 128,79 Gb Free Space | 44,72% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,09 Gb Free Space | 50,86% Space Free | Partition Type: NTFS

Computer Name: JOHN-PC | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{132D61D5-48E5-49DB-BA5B-1204495BA8D7}" = rport=138 | protocol=17 | dir=out | app=system |
"{1AE310CD-FE95-482E-A02F-B12B76C032D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{26ED2134-42C8-4829-B269-9A3501C8946A}" = lport=445 | protocol=6 | dir=in | app=system |
"{29395C10-57E6-45D2-944A-C4AC30F61A34}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4CEA6427-2A3B-478C-92CB-E8D136B28DD3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5C0A88DC-7E1D-48BD-9AA0-E9CB87B6EEBD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6661D9A4-F52B-4052-AE73-D12C10951748}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{7AD95D57-920F-408F-B700-AFD57BCE0620}" = lport=139 | protocol=6 | dir=in | app=system |
"{80309E89-B4FF-4499-A850-51A3BF66878A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{813E3801-D503-4ADC-9556-3101C760BB67}" = lport=137 | protocol=17 | dir=in | app=system |
"{9AE9E0B3-6113-42D8-AE8B-69136B3B40B7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9BFE6E2B-5B02-457F-904D-710FC38346CE}" = rport=137 | protocol=17 | dir=out | app=system |
"{A466CBCC-0E36-4227-A03A-CDD55AD61972}" = rport=139 | protocol=6 | dir=out | app=system |
"{B0EBFDF0-7498-467B-99E6-2AA3BEC79958}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C09C69CE-86D1-4802-ACEF-71C595D618AD}" = lport=7437 | protocol=17 | dir=in | name=tp-link usb printer controller udp port |
"{C14ED87D-E938-4A68-95E4-F4618C48B548}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C4ABA501-F236-46CC-B90B-7FC60A35FAB1}" = rport=445 | protocol=6 | dir=out | app=system |
"{D0C240A4-5D0D-4162-BCB4-B73BB5338447}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ED1E80F7-65A2-4F65-9DEC-B131E41AC472}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F202A056-35D1-46C7-A84F-CC94CBD82592}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F312824F-828F-4719-90DE-F64FADCC3237}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06EEA8A5-86D1-40AB-860F-E7DB88206040}" = protocol=17 | dir=in | app=c:\program files\alwil software\avast5\ng\vbox\aswfe.exe |
"{0843C11D-3383-4CBC-90E8-C2574C628203}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{08F97E70-5077-4468-9559-FC96F33E133C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{12DD239E-E383-4FD9-AF72-F42B02942A55}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1D9DA951-7F87-44D6-A7F6-9F0487F97594}" = protocol=6 | dir=in | app=c:\program files\alwil software\avast5\ng\vbox\aswfe.exe |
"{2042A9B9-FB21-46FF-96A9-03F8EFDD4E6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{37289C4E-16AB-492E-9681-52E9A481D8FD}" = protocol=6 | dir=in | app=c:\program files\tp-link\usb printer controller\usb printer controller.exe |
"{3E4F1A70-A1EE-4F25-9DAA-25C583415569}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5A8434FD-DFFD-4E3E-A1FD-2A5899F542C7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7D92EF22-1E0F-4329-898C-B0BF2DC2EE13}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7DF486E0-CA4D-440F-ADF7-E95354D0C030}" = protocol=17 | dir=in | app=c:\program files\tp-link\usb printer controller\usb printer controller.exe |
"{833012F8-570C-4F98-B216-365B2D131BA8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9281961F-69E8-4B1A-A069-FC46E5F347EE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{939BE648-2FE4-48BF-B33F-F94C5E880787}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{97D7F7BD-E253-4886-BA1B-533D9447B80E}" = protocol=6 | dir=in | app=c:\program files\alwil software\avast5\ng\vbox\aswfe.exe |
"{9C6F0992-7941-41F7-A87D-CA83F67F55AE}" = dir=in | app=e:\setup\hpznui01.exe |
"{A39F8288-24FC-42EF-8025-8E6A575A6BFA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A7C852F3-9402-4ECA-955C-91325EDEEFCC}" = protocol=17 | dir=in | app=c:\program files\alwil software\avast5\ng\vbox\aswfe.exe |
"{D3C09976-8095-4404-84C6-B0B3C9ADF655}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D69A3A23-AA4A-4362-ADB2-AB4C5D9E0CC2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D8A8DCE6-FA73-46CE-B034-C560464F16BB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DBB99649-6326-41E2-AEC9-0196B0BB23E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E12DEF4C-C0C6-45D2-B611-D85C7CBF759E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E25FFCF3-EBC9-4020-9286-CB84DD6E3B2B}" = protocol=6 | dir=out | app=system |
"{E8D095EE-A3F5-4690-A1CD-512FF0F9C5CC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F1A0781A-2CF3-4768-BCA9-60469D389026}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F7F1E018-05D2-4A56-8F83-E18253BF479B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0BEC4641-01F4-4122-96F7-4EB351FA4910}C:\program files\tp-link\usb printer controller\usb printer controller.exe" = protocol=6 | dir=in | app=c:\program files\tp-link\usb printer controller\usb printer controller.exe |
"TCP Query User{25DF98FD-C9C2-4CE1-B42F-025EDA3412D1}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{2ACF2DD6-ECC8-4519-973E-6B1E0E8C7B50}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{E21A29ED-105B-40FD-83B6-321C45B1530D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{5C2B3147-0AE9-4168-B347-DC3420FD6B9C}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{8AEA8770-26C7-413D-A47C-F58E8DBFF7A1}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9F5796F5-53DF-47BF-8504-A6EE323AC796}C:\program files\tp-link\usb printer controller\usb printer controller.exe" = protocol=17 | dir=in | app=c:\program files\tp-link\usb printer controller\usb printer controller.exe |
"UDP Query User{D7AE686B-3E37-448C-A715-67E688A4F397}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83218060F0}" = Java 8 Update 60
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{31B9D218-FED2-4C6C-B19F-7294FFC130B0}" = Adobe AIR
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5783F2D7-6001-0405-0002-0060B0CE6BBA}" = AutoCAD 2008 - Český
"{5783F2D7-A028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2012
"{5822002D-6231-4E21-B022-7F759A302711}" = ScriptPro
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6A0549A9-1B96-498C-ACBC-3943001FEB19}" = Skype™ 7.8
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C3B2884-0F53-4FBD-AB2A-192BD4FB01A1}" = TP-LINK USB Printer Controller
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D31FB582-86AE-4A05-BFC1-5C5CA944E234}" = Vista Profile Pack
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 19 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"aTube Catcher" = aTube Catcher
"AutoCAD 2008 - Český" = AutoCAD 2008 - Český
"AutoCAD 2008 - Český SP1" = AutoCAD 2008 - Český SP1
"avast" = Avast Free Antivirus
"Broadcom 802.11b Network Adapter" = Nástroj pro bezdrátovou kartu WLAN Dell
"BSPlayer1" = BSPlayer
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"Creative OEM013" = Laptop Integrated Webcam Driver (1.01.01.0529)
"Defraggler" = Defraggler
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"DWG TrueView 2012" = DWG TrueView 2012
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IrfanView" = IrfanView (remove only)
"iTube_is1" = iTube 2.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"O2 Internet" = O2 Internet
"RailCAD v.3.2_is1" = RailCAD verze 3.2 pro AutoCAD 200x
"SystemRequirementsLab" = System Requirements Lab
"szn-software-listicka" = Seznam Lištička (Všichni uživatelé tohoto počítače.)
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio11_CZ_is1" = Zoner Photo Studio 11

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2740727072-2080102920-725536451-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 22.1.2010 18:57:34 | Computer Name = John-PC | Source = avast! | ID = 33554522
Description =

Error - 22.1.2010 18:57:38 | Computer Name = John-PC | Source = avast! | ID = 33554522
Description =

Error - 22.1.2010 18:57:38 | Computer Name = John-PC | Source = avast! | ID = 33554522
Description =

Error - 14.3.2010 6:40:37 | Computer Name = John-PC | Source = avast! | ID = 33554522
Description =

Error - 18.4.2010 10:27:38 | Computer Name = John-PC | Source = avast! | ID = 33554522
Description =

Error - 17.10.2010 15:47:56 | Computer Name = John-PC | Source = avast! | ID = 33554522
Description =

Error - 27.12.2010 5:06:59 | Computer Name = John-PC | Source = avast! | ID = 33554522
Description =

Error - 27.12.2010 5:06:59 | Computer Name = John-PC | Source = avast! | ID = 33554522
Description =

Error - 12.1.2011 19:11:17 | Computer Name = John-PC | Source = avast! | ID = 33554522
Description =

Error - 11.2.2011 12:49:47 | Computer Name = John-PC | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 28.9.2015 14:42:52 | Computer Name = John-PC | Source = WinMgmt | ID = 10
Description =

Error - 28.9.2015 14:54:38 | Computer Name = John-PC | Source = WinMgmt | ID = 10
Description =

Error - 28.9.2015 15:09:18 | Computer Name = John-PC | Source = VSS | ID = 8194
Description =

Error - 28.9.2015 15:33:16 | Computer Name = John-PC | Source = EventSystem | ID = 4621
Description =

Error - 28.9.2015 16:38:03 | Computer Name = John-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.9.2015 15:21:53 | Computer Name = John-PC | Source = WinMgmt | ID = 10
Description =

Error - 30.9.2015 10:18:53 | Computer Name = John-PC | Source = WinMgmt | ID = 10
Description =

Error - 30.9.2015 13:54:30 | Computer Name = John-PC | Source = WinMgmt | ID = 10
Description =

Error - 30.9.2015 14:11:29 | Computer Name = John-PC | Source = ESENT | ID = 467
Description = Windows (3396) Windows: Databáze C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb:
Index System_KindText405 tabulky SystemIndex_0A je poškozen (0).

Error - 30.9.2015 14:11:29 | Computer Name = John-PC | Source = Windows Search Service | ID = 7040
Description =

[ Broadcom Wireless LAN Events ]
Error - 30.9.2015 13:53:12 | Computer Name = John-PC | Source = WLAN-Tray | ID = 0
Description = 19:53:10, Wed, Sep 30, 15 Error - Unable to gain access to user store

[ OSession Events ]
Error - 1.1.2009 9:13:37 | Computer Name = John-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 305
seconds with 240 seconds of active time. This session ended with a crash.

Error - 1.3.2014 15:22:49 | Computer Name = John-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 162886135
seconds with 14640 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 8.10.2015 10:17:35 | Computer Name = John-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8.10.2015 13:49:21 | Computer Name = John-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (19:36:46, 8.10.2015) bylo neočekávané.

Error - 8.10.2015 13:50:07 | Computer Name = John-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8.10.2015 13:50:07 | Computer Name = John-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8.10.2015 13:50:07 | Computer Name = John-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 8.10.2015 13:50:07 | Computer Name = John-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8.10.2015 13:51:47 | Computer Name = John-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 8.10.2015 13:51:47 | Computer Name = John-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8.10.2015 13:52:40 | Computer Name = John-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 8.10.2015 13:52:40 | Computer Name = John-PC | Source = Service Control Manager | ID = 7000
Description =

< End of report >

#28 Příspěvek od **Márty84** » 10 říj 2015 08:37

hagal píše:To zamrzání není pravidelný, nevím, jak vyzkoušet modelovou situaci, při které by mohl zamrznout.

Jak casto se to stava, plus minus?

hagal píše:V připadě tiskárny/routeru nevím, co mám hledat a jak poznat, co se změnilo.

Tak nastaveni zresetujte a nastavte znovu, jako pri prvnim pouziti. Ale az po pouziti skriptu pro OTL.

Vypnete antivir, at nebrani programu v praci.

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..\SearchScopes,DefaultScope = {0D0E0895-8BE8-4DF0-ACA2-D2EF892012D9}
IE - HKU\S-1-5-21-2740727072-2080102920-725536451-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
[26 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

hagal · #29 Příspěvek od **hagal** » 10 říj 2015 22:21

Zamrzání se stalo cca tak čtyřikrát od poslední aktualizace avastu, což může být tak asi 14 dnů. Poprvé se to stalo, když jsem vypínal Printer controller, podruhé při běžné práci na internetu. U třetího případu si nevzpomínám už na přesný vznik a naposledy to bylo při tom zavření víka a přechodu do režimu spánku.

Co se týče padání internetového připojení, tak to padá s každou opravou čím dál častěji, teď už se to stává snad každých pět minut.

log po opravě:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 313312 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: John
->Temp folder emptied: 43132978 bytes
->Temporary Internet Files folder emptied: 53829354 bytes
->Java cache emptied: 8570889 bytes
->Flash cache emptied: 2023210 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32886 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 4885417 bytes

Total Files Cleaned = 108,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: John
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-2740727072-2080102920-725536451-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2740727072-2080102920-725536451-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0E46D7B6-887D-4F81-B4CA-FCC92AF73610}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E46D7B6-887D-4F81-B4CA-FCC92AF73610}\ deleted successfully.
C:\Program Files\Seznam.cz\bin\listicka.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0E46D7B6-887D-4F81-B4CA-FCC92AF73610}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E46D7B6-887D-4F81-B4CA-FCC92AF73610}\ not found.
File C:\Program Files\Seznam.cz\bin\listicka.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}\ deleted successfully.
File C:\Program Files\Seznam.cz\bin\listicka.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}\ not found.
File C:\Program Files\Seznam.cz\bin\listicka.dll not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14B9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP202C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP254A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP342F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3AC7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4025.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4604.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4B00.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5068.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5587.tmp\System.Runtime.Remoting.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5587.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C42.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP65F8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7295.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP794A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9FBD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAE3F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB7C3.tmp\WindowsBase.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB7C3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC487.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE06F.tmp\System.Management.Automation.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE06F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEBC6.tmp\System.Speech.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEBC6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF578.tmp folder deleted successfully.
C:\Windows\Installer\MSI3752.tmp deleted successfully.
C:\Windows\Installer\MSI7EDB.tmp deleted successfully.
C:\Windows\Installer\MSI9AE7.tmp deleted successfully.
C:\Windows\Installer\MSI9ED6.tmp deleted successfully.
C:\Windows\Installer\MSIB00D.tmp deleted successfully.
C:\Windows\Installer\MSIBE8E.tmp deleted successfully.
C:\Windows\Installer\MSIEAEB.tmp deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 10102015_224155

Files\Folders moved on Reboot...
C:\Users\John\AppData\Local\Temp\Low\JavaDeployReg.log moved successfully.
C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\T00FEIJK\956814358[1].htm moved successfully.
C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\T00FEIJK\afr[1].htm moved successfully.
C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\T00FEIJK\afr[2].htm moved successfully.
C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\T00FEIJK\viewtopic[1].htm moved successfully.
C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OTMES6QG\context[2].htm moved successfully.
C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OTMES6QG\context[3].htm moved successfully.
C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NNC2C92P\marketingova-kampan-art15169[1].htm moved successfully.
C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GR2X7XAD\YKPvjVoWVGb[1].htm moved successfully.
C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#30 Příspěvek od **Márty84** » 11 říj 2015 10:09

Znovu spustte OTL jako spravce a kliknete na napis Vycisti, program po sobe uklidi.

Ten internet pada vsude, nebo jen doma? Pada to stejne casto i v nouzovem rezimu s praci v siti?

Preinstalujte, pripadne i aktualizujte, ovladac sitove karty.

VIRY.CZ

zpomalený, blue screen, sekání, padá internetové připojení

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje

Re: zpomalený, blue screen, sekání, padá internetové připoje