VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

zpomalený ntb, prosím o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=124832

Stránka 2 z 4

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 12 říj 2012 05:03
od hannah11
tak hotovo

log OTL

OTL logfile created on: 11.10.2012 19:28:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hanka\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

767,18 Mb Total Physical Memory | 173,54 Mb Available Physical Memory | 22,62% Memory free
1,75 Gb Paging File | 0,52 Gb Available in Paging File | 29,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 5,05 Gb Free Space | 5,05% Space Free | Partition Type: NTFS
Drive D: | 122,87 Gb Total Space | 47,29 Gb Free Space | 38,49% Space Free | Partition Type: NTFS

Computer Name: HANKA-PC | User Name: Hanka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.10.11 19:06:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hanka\Desktop\OTL.exe
PRC - [2012.09.21 21:10:12 | 001,807,280 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
PRC - [2012.08.20 20:26:05 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.06.16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.8.0.14\ccsvchst.exe
PRC - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Users\Hanka\AppData\Local\Seznam.cz\bin\postak.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.07.01 11:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
PRC - [2009.12.17 18:42:54 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009.11.04 00:55:53 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009.10.17 07:43:28 | 001,021,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
PRC - [2009.10.17 03:31:06 | 000,284,160 | ---- | M] (ASUSTek) -- C:\Program Files\ASUS\LivCam\LivCam.exe
PRC - [2009.09.26 00:02:26 | 000,402,608 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
PRC - [2009.09.15 03:05:56 | 000,044,312 | ---- | M] () -- C:\Program Files\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe
PRC - [2009.09.11 21:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
PRC - [2009.09.09 21:15:12 | 000,413,688 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
PRC - [2009.08.25 09:47:10 | 000,947,472 | ---- | M] (ECAREME) -- C:\Program Files\ASUS\Asus WebStorage\BackupService.exe
PRC - [2009.08.19 03:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe
PRC - [2009.08.03 02:05:24 | 002,348,320 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2009.08.03 02:05:24 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009.08.03 02:05:24 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009.07.20 11:47:14 | 000,083,240 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
PRC - [2009.07.14 03:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe


========== Modules (No Company Name) ==========

MOD - [2012.09.21 21:10:10 | 009,813,424 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_278.dll
MOD - [2012.08.20 20:26:04 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.06.14 17:07:39 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
MOD - [2012.06.14 16:22:04 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.14 16:21:31 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.05.11 20:49:17 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012.05.11 17:54:06 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.05.11 17:54:02 | 000,628,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll
MOD - [2012.05.11 17:53:59 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll
MOD - [2012.05.11 17:53:56 | 006,611,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012.05.11 17:49:47 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.11 17:49:33 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.11 17:49:30 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.11 17:49:04 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Users\Hanka\AppData\Local\Seznam.cz\bin\postak.exe
MOD - [2011.12.12 15:52:58 | 000,822,816 | ---- | M] () -- C:\Users\Hanka\AppData\Local\Seznam.cz\bin\email.4.dll
MOD - [2011.12.12 15:52:18 | 001,151,520 | ---- | M] () -- C:\Users\Hanka\AppData\Local\Seznam.cz\bin\core.4.dll
MOD - [2010.11.13 03:54:19 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 03:58:05 | 002,927,616 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010.11.05 03:53:33 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2010.02.10 19:10:12 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009.11.04 01:15:02 | 000,029,968 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll
MOD - [2009.11.04 01:15:01 | 000,839,680 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2009.09.26 00:02:26 | 000,402,608 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
MOD - [2009.09.16 00:30:42 | 000,376,832 | ---- | M] () -- C:\Program Files\ASUS\LivCam\SMIUtility.dll
MOD - [2009.08.25 09:47:24 | 000,140,560 | ---- | M] () -- C:\Program Files\ASUS\Asus WebStorage\EcaremeDLL.dll
MOD - [2009.08.25 09:47:22 | 000,095,504 | ---- | M] () -- C:\Program Files\ASUS\Asus WebStorage\BSWorker.dll
MOD - [2009.08.25 09:47:22 | 000,083,216 | ---- | M] () -- C:\Program Files\ASUS\Asus WebStorage\BSBroker.dll
MOD - [2009.08.25 09:47:08 | 000,034,064 | ---- | M] () -- C:\Program Files\ASUS\Asus WebStorage\BackupServicePop.dll
MOD - [2009.08.03 02:05:40 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2009.06.10 23:23:19 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Users\Hanka\AppData\Local\Temp\7zS46CB\hpslpsvc32.dll -- (HPSLPSVC)
SRV - [2012.08.20 20:26:04 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe -- (NIS)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.07.01 11:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe -- (BackupService)
SRV - [2010.05.27 20:12:57 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.01.26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.12.17 18:42:54 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.09.15 03:05:56 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009.08.19 03:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2009.08.03 02:05:24 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2012.09.29 19:10:25 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20121011.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2012.09.29 19:10:25 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012.09.29 19:10:25 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.09.29 19:10:25 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20121011.002\NAVENG.SYS -- (NAVENG)
DRV - [2012.09.29 17:54:12 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012.09.28 12:33:38 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20121010.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012.09.19 22:28:58 | 000,995,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20120928.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012.07.06 04:17:57 | 000,574,112 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1308000.00E\srtsp.sys -- (SRTSP)
DRV - [2012.07.06 04:17:57 | 000,032,928 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1308000.00E\srtspx.sys -- (SRTSPX)
DRV - [2012.06.07 06:43:43 | 000,132,768 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1308000.00E\ccsetx86.sys -- (ccSet_NIS)
DRV - [2012.05.22 03:37:12 | 000,924,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1308000.00E\symefa.sys -- (SymEFA)
DRV - [2012.04.18 04:13:32 | 000,318,584 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1308000.00E\symnets.sys -- (SymNetS)
DRV - [2012.04.18 03:42:14 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1308000.00E\ironx86.sys -- (SymIRON)
DRV - [2011.08.16 00:51:40 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1308000.00E\symds.sys -- (SymDS)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.03.02 06:57:12 | 001,006,624 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009.12.14 09:21:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.11.13 10:47:50 | 000,058,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009.10.05 19:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.08.11 09:19:18 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.08.06 11:16:00 | 009,824,000 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.07.20 11:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.06 04:48:02 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2009.07.01 06:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2009.06.28 18:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.01.17 02:53:12 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.01.17 02:53:12 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.01.17 02:53:12 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009.01.17 02:53:12 | 000,007,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\SearchScopes,DefaultScope = {1F462129-B7D5-48B9-A35E-25FED89D6060}
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\SearchScopes\{006fc202-54e5-4a98-865d-48a34bbb50a0}: "URL" = http://www.firmy.cz/phr/{searchTerms}?s ... ckSearch_1
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\SearchScopes\{1F462129-B7D5-48B9-A35E-25FED89D6060}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\SearchScopes\{22805593-6291-4A28-9383-8C21934AB4B8}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\SearchScopes\{283a1f4a-4e28-4cce-a5d5-0ebd9c267282}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... ckSearch_1
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... earchTerms}
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\SearchScopes\{6ef22a91-8acf-4f49-94dd-c3acdd99ed3b}: "URL" = http://search.seznam.cz/?q={searchTerms ... ckSearch_1
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\SearchScopes\{c194d923-9c96-4541-80fc-ac3116f4394f}: "URL" = http://www.mapy.cz/?query={searchTerms} ... ckSearch_1
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://start.icq.com/sk27211/"
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =827316&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012.09.29 17:56:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2012.10.11 18:31:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.20 20:26:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 21:03:52 | 000,000,000 | ---D | M]

[2010.02.08 22:52:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Extensions
[2011.07.24 18:59:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions
[2011.07.24 18:59:37 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.09.26 22:32:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\ztm0mc17.default\extensions
[2012.09.26 22:32:43 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\ztm0mc17.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.08.30 20:12:58 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\ztm0mc17.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.09.01 17:38:54 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\ztm0mc17.default\extensions\fastdial@telega.phpnet.us
[2011.10.31 19:52:00 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\ztm0mc17.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2011.02.22 19:55:04 | 000,001,034 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\searchplugins\icqplugin.xml
[2012.07.13 18:51:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.09.13 23:41:58 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.03.25 17:02:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.03.25 17:02:44 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\PROGRAM FILES\CRAWLER\TOOLBAR\FIREFOX
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2012.08.20 20:26:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.08.20 20:25:57 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.08.20 20:25:57 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.08.20 20:25:57 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.08.20 20:25:57 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.08.20 20:25:57 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.10.08 19:46:43 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [DTRun] C:\Program Files\ArcSoft\TotalMedia Theatre 3\uDTRun.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
O4 - HKLM..\Run: [EeeStorageBackup] C:\Program Files\ASUS\Asus WebStorage\BackupService.exe (ECAREME)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [LivCam] C:\Program Files\ASUS\LivCam\LivCam.exe (ASUSTek)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001..\Run: [Seznam Postak] C:\Users\Hanka\AppData\Local\Seznam.cz\bin\postak.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk = C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\StartHelper.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.107.4.100 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{176F3114-837F-4E9E-A88E-1976848CDDEE}: DhcpNameServer = 192.168.1.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9B383DF-A907-4F8B-83B9-0BA87B3240C4}: DhcpNameServer = 10.107.4.100 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5626bd4e-f57e-11df-9c77-1c4bd6013dfe}\Shell - "" = AutoRun
O33 - MountPoints2\{5626bd4e-f57e-11df-9c77-1c4bd6013dfe}\Shell\AutoRun\command - "" = E:\HPLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.10.11 19:05:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hanka\Desktop\OTL.exe
[2012.10.10 04:24:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2012.10.10 04:23:52 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2012.10.10 04:23:52 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2012.10.10 04:23:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 04:23:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 04:23:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 04:23:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 04:23:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 04:23:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 04:23:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 04:23:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 04:23:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 04:23:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 04:23:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 04:23:50 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 04:23:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 04:23:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 04:23:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 04:23:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 04:23:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 04:23:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 04:23:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 04:23:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 04:23:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 04:23:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 04:23:49 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 04:23:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 04:23:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 04:23:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 04:23:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 04:23:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 04:22:22 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2012.10.10 04:22:22 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2012.10.07 21:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.10.04 20:11:57 | 000,000,000 | ---D | C] -- C:\Users\Hanka\AppData\Roaming\ArcSoft Backup Application
[2012.10.02 21:47:34 | 000,000,000 | ---D | C] -- C:\Users\Hanka\AppData\Local\NPE
[2012.10.02 19:05:13 | 000,924,320 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1309000.009\symefa.sys
[2012.10.02 19:05:13 | 000,574,112 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1309000.009\srtsp.sys
[2012.10.02 19:05:13 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1309000.009\symds.sys
[2012.10.02 19:05:13 | 000,318,584 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1309000.009\symnets.sys
[2012.10.02 19:05:13 | 000,149,624 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1309000.009\ironx86.sys
[2012.10.02 19:05:13 | 000,032,928 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1309000.009\srtspx.sys
[2012.10.02 19:05:12 | 000,132,768 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1309000.009\ccsetx86.sys
[2012.10.02 19:04:55 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\NIS\1309000.009
[2012.09.30 18:25:06 | 000,000,000 | ---D | C] -- C:\Users\Hanka\AppData\Local\CrashDumps
[2012.09.30 18:20:37 | 000,000,000 | ---D | C] -- C:\Users\Hanka\AppData\Roaming\CoSoSys
[2012.09.29 19:09:25 | 000,924,320 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1308000.00E\symefa.sys
[2012.09.29 19:09:25 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1308000.00E\symds.sys
[2012.09.29 19:09:25 | 000,318,584 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1308000.00E\symnets.sys
[2012.09.29 19:09:25 | 000,032,928 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1308000.00E\srtspx.sys
[2012.09.29 19:09:24 | 000,574,112 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1308000.00E\srtsp.sys
[2012.09.29 19:09:24 | 000,149,624 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1308000.00E\ironx86.sys
[2012.09.29 19:09:24 | 000,132,768 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NIS\1308000.00E\ccsetx86.sys
[2012.09.29 19:08:43 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\NIS\1308000.00E
[2012.09.29 17:55:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012.09.29 17:54:12 | 000,141,944 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\SYMEVENT.SYS
[2012.09.29 17:54:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012.09.29 17:54:11 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012.09.29 17:51:40 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\NIS
[2012.09.29 17:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2012.09.29 17:51:33 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2012.09.29 17:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012.09.29 17:50:50 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012.09.29 17:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012.09.26 07:16:45 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OxpsConverter.exe
[2012.09.22 21:20:34 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2012.09.22 21:20:32 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2012.09.22 21:20:31 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2012.09.22 21:20:30 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2012.09.22 21:20:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2012.09.22 21:20:25 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2012.09.22 21:20:25 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2012.09.22 21:20:18 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2012.09.12 19:53:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\RNDISMP.sys
[2012.09.12 19:53:44 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\netio.sys
[2012.09.12 19:53:44 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\FWPKCLNT.SYS
[2012.09.12 19:53:41 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10level9.dll

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 12 říj 2012 05:05
od hannah11
========== Files - Modified Within 30 Days ==========

[2012.10.11 19:37:36 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.11 19:06:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hanka\Desktop\OTL.exe
[2012.10.11 19:02:56 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.11 19:02:56 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.11 18:29:09 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.10.11 18:29:02 | 001,621,625 | ---- | M] () -- C:\windows\System32\drivers\NIS\1308000.00E\Cat.DB
[2012.10.11 18:28:53 | 603,332,608 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.08 19:46:43 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts
[2012.10.07 21:03:56 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.10.03 07:36:22 | 000,009,103 | ---- | M] () -- C:\windows\System32\drivers\NIS\1308000.00E\VT20121002.018
[2012.10.01 19:16:38 | 000,631,292 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2012.10.01 19:16:38 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012.10.01 19:16:38 | 000,121,914 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2012.10.01 19:16:38 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012.09.30 00:34:56 | 000,002,423 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012.09.29 17:54:12 | 000,141,944 | ---- | M] (Symantec Corporation) -- C:\windows\System32\drivers\SYMEVENT.SYS
[2012.09.29 17:54:12 | 000,007,468 | ---- | M] () -- C:\windows\System32\drivers\SYMEVENT.CAT
[2012.09.29 17:54:12 | 000,000,806 | ---- | M] () -- C:\windows\System32\drivers\SYMEVENT.INF
[2012.09.26 12:34:14 | 000,000,172 | ---- | M] () -- C:\windows\System32\drivers\NIS\1309000.009\isolate.ini
[2012.09.21 21:10:11 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2012.09.21 21:10:10 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012.09.14 20:28:53 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\tzres.dll

========== Files Created - No Company Name ==========

[2012.10.11 19:37:36 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.07 21:03:53 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.10.07 21:03:53 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.10.03 07:39:45 | 000,009,103 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\VT20121002.018
[2012.10.02 19:05:13 | 000,007,492 | R--- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\symds.cat
[2012.10.02 19:05:13 | 000,007,458 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\symnet.cat
[2012.10.02 19:05:13 | 000,007,450 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\iron.cat
[2012.10.02 19:05:13 | 000,007,398 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\srtspx.cat
[2012.10.02 19:05:13 | 000,003,435 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\symefa.inf
[2012.10.02 19:05:13 | 000,002,852 | R--- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\symds.inf
[2012.10.02 19:05:13 | 000,001,441 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\symnet.inf
[2012.10.02 19:05:13 | 000,001,388 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\srtspx.inf
[2012.10.02 19:05:13 | 000,001,388 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\srtsp.inf
[2012.10.02 19:05:13 | 000,000,742 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\iron.inf
[2012.10.02 19:05:12 | 000,007,446 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\ccsetx86.cat
[2012.10.02 19:05:12 | 000,000,827 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\ccsetx86.inf
[2012.10.02 19:04:55 | 000,008,942 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\symvtcer.dat
[2012.10.02 19:04:55 | 000,007,434 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\symefa.cat
[2012.10.02 19:04:55 | 000,007,380 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\srtsp.cat
[2012.10.02 19:04:55 | 000,000,172 | ---- | C] () -- C:\windows\System32\drivers\NIS\1309000.009\isolate.ini
[2012.09.30 00:33:21 | 001,621,625 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\Cat.DB
[2012.09.29 19:09:25 | 000,007,492 | R--- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\symds.cat
[2012.09.29 19:09:25 | 000,007,458 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\symnet.cat
[2012.09.29 19:09:25 | 000,003,435 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\symefa.inf
[2012.09.29 19:09:25 | 000,002,852 | R--- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\symds.inf
[2012.09.29 19:09:25 | 000,001,441 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\symnet.inf
[2012.09.29 19:09:24 | 000,007,450 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\iron.cat
[2012.09.29 19:09:24 | 000,007,446 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\ccsetx86.cat
[2012.09.29 19:09:24 | 000,007,398 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\srtspx.cat
[2012.09.29 19:09:24 | 000,001,388 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\srtspx.inf
[2012.09.29 19:09:24 | 000,001,388 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\srtsp.inf
[2012.09.29 19:09:24 | 000,000,827 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\ccsetx86.inf
[2012.09.29 19:09:24 | 000,000,742 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\iron.inf
[2012.09.29 19:08:43 | 000,007,434 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\symefa.cat
[2012.09.29 19:08:43 | 000,007,380 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\srtsp.cat
[2012.09.29 19:08:43 | 000,000,172 | ---- | C] () -- C:\windows\System32\drivers\NIS\1308000.00E\isolate.ini
[2012.09.29 17:54:12 | 000,007,468 | ---- | C] () -- C:\windows\System32\drivers\SYMEVENT.CAT
[2012.09.29 17:54:12 | 000,000,806 | ---- | C] () -- C:\windows\System32\drivers\SYMEVENT.INF
[2012.09.29 17:53:50 | 000,002,423 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2011.08.31 21:59:19 | 000,000,177 | ---- | C] () -- C:\ProgramData\LockFilePath.ini
[2010.12.31 00:33:08 | 000,165,376 | ---- | C] () -- C:\windows\System32\unrar.dll
[2010.12.31 00:33:06 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2010.12.31 00:32:58 | 000,810,496 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2010.12.31 00:32:58 | 000,183,808 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2010.12.31 00:32:56 | 000,080,896 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2010.11.28 23:46:01 | 000,000,173 | ---- | C] () -- C:\Users\Hanka\webct_upload_applet.properties
[2010.05.15 21:34:16 | 000,002,528 | ---- | C] () -- C:\Users\Hanka\AppData\Roaming\$_hpcst$.hpc
[2010.02.02 21:11:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.02.02 11:21:30 | 000,000,000 | ---- | C] () -- C:\Users\Hanka\AppData\Roaming\wklnhst.dat
[2009.11.04 01:23:05 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009.09.10 15:32:04 | 000,038,481 | ---- | C] () -- C:\Users\Hanka\Nabídka Start.rar

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009.11.04 01:15:20 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Asus WebStorage
[2009.11.04 01:15:20 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Asus WebStorage
[2011.11.27 21:00:34 | 000,000,000 | -HSD | M] -- C:\Users\Hanka\AppData\Roaming\.#
[2010.02.03 01:38:17 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Asus
[2010.02.07 01:36:42 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Asus WebStorage
[2012.09.30 18:20:37 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\CoSoSys
[2010.02.03 01:39:01 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\EeeStorageUploader
[2010.02.03 01:41:48 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\GameConsole
[2012.10.07 18:43:43 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\ICQ
[2011.08.17 20:56:56 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\ML
[2010.04.25 20:44:23 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Nokia
[2010.02.03 01:09:47 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Opera
[2010.04.24 08:47:16 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\PC Suite
[2010.05.15 21:34:11 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Samsung
[2010.02.07 01:37:47 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\temp
[2010.02.06 01:21:33 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Template
[2012.05.14 13:31:07 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Usenet.nl
[2012.10.08 18:53:07 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\uTorrent
[2010.11.25 20:57:32 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Windows Live Writer
[2010.11.14 20:37:54 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,524 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\System32\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2011.11.17 09:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\System32\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2012.06.02 06:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012.06.02 06:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011.11.17 07:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 19:05:16 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=15B74B6283CEBCCE3054C1001CA01B5E -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2012.08.22 19:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\System32\drivers\ndis.sys
[2012.08.22 19:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011.03.11 07:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011.03.11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011.03.11 07:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2012.08.22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\System32\drivers\tcpip.sys
[2012.08.22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[17 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.11.27 21:00:34 | 000,000,000 | -HSD | M] -- C:\Users\Hanka\AppData\Roaming\.#
[2010.02.02 19:24:10 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Adobe
[2012.01.04 19:33:59 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Apple Computer
[2010.11.21 16:58:18 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\ArcSoft
[2012.10.04 20:11:57 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\ArcSoft Backup Application
[2010.02.03 01:38:17 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Asus
[2010.02.07 01:36:42 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Asus WebStorage
[2012.09.30 18:20:37 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\CoSoSys
[2010.02.03 01:39:01 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\EeeStorageUploader
[2010.02.03 01:41:48 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\GameConsole
[2010.11.21 17:00:34 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application
[2010.11.21 17:00:28 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\HPSS
[2012.10.07 18:43:43 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\ICQ
[2009.07.14 06:54:12 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Identities
[2009.11.04 00:49:34 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\InstallShield
[2009.11.04 00:57:29 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Macromedia
[2010.08.22 15:28:24 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Malwarebytes
[2010.03.08 21:15:47 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Media Player Classic
[2012.06.24 18:47:00 | 000,000,000 | --SD | M] -- C:\Users\Hanka\AppData\Roaming\Microsoft
[2011.08.17 20:56:56 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\ML
[2010.02.08 22:52:46 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Mozilla
[2010.04.25 20:44:23 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Nokia
[2010.02.03 01:09:47 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Opera
[2010.04.24 08:47:16 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\PC Suite
[2010.05.15 21:34:11 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Samsung
[2012.09.22 11:29:12 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Skype
[2012.03.02 16:56:12 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\skypePM
[2010.02.07 01:37:47 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\temp
[2010.02.06 01:21:33 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Template
[2012.05.14 13:31:07 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Usenet.nl
[2012.10.08 18:53:07 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\uTorrent
[2010.07.16 17:13:34 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Winamp
[2010.11.25 20:57:32 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Windows Live Writer
[2010.03.18 20:14:03 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\WinRAR
[2010.11.14 20:37:54 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2010.05.11 19:58:15 | 015,804,797 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\Asus\ASUS Vibe\ASUSVibeSetup.exe
[2012.03.01 12:21:22 | 000,176,128 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
[2007.06.29 13:23:32 | 000,053,248 | ---- | M] (Prolific Technology Inc.) -- C:\Users\Hanka\AppData\Roaming\CoSoSys\HDDtoGO\IoctlSvc.exe
[2012.03.01 12:20:54 | 000,049,152 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\CoSoSys\HDDtoGO\PLIoctlInstaller.exe
[2010.07.01 11:34:52 | 000,050,744 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\BackupServiceInstaller.exe
[2010.07.01 11:35:34 | 000,091,704 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\CheckVersion.exe
[2010.07.01 11:35:50 | 000,058,936 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\CloseServerApp.exe
[2010.09.02 14:22:30 | 000,628,632 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\HPSSBackup.exe
[2010.09.02 14:23:14 | 000,681,880 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\HPSSBackupMonitor.exe
[2010.09.02 14:24:00 | 000,616,344 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\HPSSRestore.exe
[2010.07.01 11:37:22 | 000,046,648 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\MoveSimpleSave.exe
[2010.07.01 11:37:52 | 000,046,648 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\RecoverSimpleSave.exe
[2010.09.03 11:45:50 | 000,481,176 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
[2009.05.24 01:26:11 | 000,069,632 | ---- | M] (ArcSoft, Inc.) -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\UACToken.exe
[2010.07.01 11:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
[2010.07.01 11:39:02 | 000,139,320 | ---- | M] (ArcSoft, Inc.) -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\VSSCpy.exe
[2010.07.01 11:38:44 | 000,177,208 | ---- | M] (ArcSoft, Inc.) -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\VSSCpy64.exe
[2010.07.01 11:39:18 | 000,071,224 | ---- | M] (ArcSoft, Inc.) -- C:\Users\Hanka\AppData\Roaming\HP SimpleSave Application\VSSUACToken.exe
[2010.02.07 01:37:15 | 000,000,000 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\temp\ICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.10.11 19:02:56 | 000,009,920 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.11 19:02:56 | 000,009,920 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.10 06:17:56 | 062,968,832 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\MRT.exe
[2012.10.11 20:25:10 | 000,121,914 | ---- | M] () -- C:\windows\system32\perfc005.dat
[2012.10.11 20:25:10 | 000,106,388 | ---- | M] () -- C:\windows\system32\perfc009.dat
[2012.10.11 20:25:10 | 000,631,292 | ---- | M] () -- C:\windows\system32\perfh005.dat
[2012.10.11 20:25:10 | 000,616,008 | ---- | M] () -- C:\windows\system32\perfh009.dat
[2012.10.11 20:25:10 | 001,470,062 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"Seznam Postak" = "C:\Users\Hanka\AppData\Local\Seznam.cz\bin\postak.exe" -s -- [2012.01.10 16:16:10 | 000,491,040 | ---- | M] ()
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe -- [2009.07.14 03:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.10.11 19:37:36 | 000,000,512 | ---- | M] () MD5=841529B5DC91DD7C3FB6424257D11B6A -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.11.27 10:49:31 | 000,001,644 | ---- | M] () -- \Users\Hanka\AppData\Local\VirtualStore\Program Files\ASUS\Game Park\Alices Magical Mahjong\resources\crack1.png
[2011.11.27 10:49:31 | 000,003,700 | ---- | M] () -- \Users\Hanka\AppData\Local\VirtualStore\Program Files\ASUS\Game Park\Alices Magical Mahjong\resources\crack2.png
[2011.04.30 04:59:18 | 003,540,033 | ---- | M] () -- \Users\Hanka\Music\DESORDEN PUBLICO\2006 - las estrellas del caos\09 crack.mp3
[2012.07.09 20:02:20 | 033,221,085 | ---- | M] () -- \Users\Hanka\Music\Faith No More\Angel Dust 1992\11. Faith No More - Crack Hitler.flac
[2008.09.14 13:40:05 | 001,670,790 | ---- | M] () -- \Users\Hanka\Music\Toy Dolls\Fat Bob's Feet (1991)\Toy Dolls - Fat Bob's Feet (1991) - 06 - Olga Crack Corn!.mp3
[2010.05.15 22:30:37 | 000,007,357 | ---- | M] () -- \Users\Hanka\Pictures\obrázky\z mobilu\Cracks.jpg

< *keygen* /s >

< *loader* /s >
[2009.08.25 09:47:14 | 000,079,120 | ---- | M] () -- \Program Files\ASUS\Asus WebStorage\EeeStorageUploader.exe
[2011.02.06 10:58:56 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.02.06 10:58:57 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.02.06 10:58:55 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.04.11 18:31:10 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\icq_profile\preloader.html
[2011.02.06 10:59:24 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_forms\preloader.html
[2011.02.06 10:59:24 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.10.05 15:59:46 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.6\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.10.05 15:59:47 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.6\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.10.05 15:59:45 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.6\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.10.05 16:00:16 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.6\Xtraz\icq\content\profile_lightboxs\preloader.html
[2009.12.14 09:20:48 | 000,086,016 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\cryptoloader.dll
[2009.12.16 17:20:00 | 000,287,744 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSACDMADownloader.dll
[2009.12.14 09:20:16 | 000,287,744 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSAndroidDownloader.dll
[2009.12.14 10:05:46 | 000,069,632 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSEmpLoader.dll
[2009.12.14 09:20:16 | 000,285,184 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSLinuxMitsDownloader.dll
[2009.12.14 09:19:48 | 000,282,112 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSLinuxMitsNpDownloader.dll
[2009.12.14 09:21:22 | 000,208,896 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\Symbian_Downloader_DLL.dll
[1 \Program Files\Samsung\Samsung New PC Studio\*.tmp files -> \Program Files\Samsung\Samsung New PC Studio\*.tmp -> ]
[2009.12.14 10:22:44 | 000,262,144 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader.dll
[2008.11.25 16:52:24 | 000,266,240 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader2.dll
[2009.12.14 11:31:58 | 000,274,432 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader_W7750.dll
[2010.02.10 19:10:14 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.02.15 14:28:30 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.15 14:28:30 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.02.15 14:28:30 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.15 14:28:30 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2011.06.24 16:02:52 | 000,003,406 | ---- | M] () -- \Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\ztm0mc17.default\extensions\fastdial@telega.phpnet.us\chrome\content\tabloader.js
[2006.09.01 17:07:08 | 003,354,460 | ---- | M] () -- \Users\Hanka\Music\Mix\Pure_Devotion-Free_loader.mp3
[2009.11.04 01:00:11 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012.10.11 18:34:38 | 000,072,072 | ---- | M] () -- \Windows\Prefetch\EEESTORAGEUPLOADER.EXE-B4EF7B0C.pf
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.06.20 21:13:59 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.06.20 21:13:59 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.06.20 21:13:59 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011.02.27 00:27:12 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.02.27 00:27:12 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.02.27 00:27:12 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.06.20 21:13:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012.04.11 01:15:28 | 000,434,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.05.14 11:47:03 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.04.14 18:20:46 | 000,415,592 | ---- | M] () -- \Program Files\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010.04.14 18:20:46 | 000,141,168 | ---- | M] () -- \Program Files\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010.04.14 18:20:46 | 000,321,376 | ---- | M] () -- \Program Files\Windows Live\Mesh\System.Xml.Serialization.dll
[2010.03.01 22:17:59 | 000,001,406 | ---- | M] () -- \Users\Hanka\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fiserialy.sk%2Ffavicon.ico
[2010.03.01 22:17:59 | 000,000,100 | ---- | M] () -- \Users\Hanka\AppData\Local\Opera\Opera\icons\iserialy.sk.idx
[2009.06.20 21:13:40 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.20 21:13:48 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.11 17:51:51 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.11 20:45:16 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
[2012.05.11 09:53:22 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.11 09:53:05 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
[2012.05.11 10:00:33 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll
[2011.06.18 19:43:31 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.06.13 20:36:22 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.06.18 19:43:30 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.06.13 20:36:18 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.06.13 20:36:36 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.06.20 21:13:36 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.06.20 21:13:45 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.06.20 21:13:58 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 06:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.06.20 21:12:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 06:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 06:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.20 21:13:40 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009.06.20 21:13:48 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.06.20 21:13:35 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.20 21:13:36 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.06.20 21:13:48 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.20 21:13:45 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:70558875
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:9E22BBE8
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:84744B34
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:B6BABAE1
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:3BAD46F6
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:390B30B4

< End of report >

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 12 říj 2012 05:07
od hannah11
log Extras

OTL Extras logfile created on: 11.10.2012 19:28:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hanka\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

767,18 Mb Total Physical Memory | 173,54 Mb Available Physical Memory | 22,62% Memory free
1,75 Gb Paging File | 0,52 Gb Available in Paging File | 29,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 5,05 Gb Free Space | 5,05% Space Free | Partition Type: NTFS
Drive D: | 122,87 Gb Total Space | 47,29 Gb Free Space | 38,49% Space Free | Partition Type: NTFS

Computer Name: HANKA-PC | User Name: Hanka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2022747962-2378394095-1932718884-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1669C53B-C9D1-457D-8EF3-BB7ED3D33976}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1D8B13BF-ECEA-45BF-841A-F731AE789DA1}" = lport=139 | protocol=6 | dir=in | app=system |
"{22972071-C4F4-4EDD-96A4-E47C3576325A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2509FFB7-A0B0-4D57-80B3-3C43A506B8C5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{276ADECD-4790-4A13-919C-CB3981D71A43}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2B290101-EB0D-4F37-8BF9-4D88E2C10D53}" = rport=137 | protocol=17 | dir=out | app=system |
"{2CEDD490-9DAA-4A76-A8C7-988881114EB1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{46AF997F-707C-401F-9569-939BB9C0EF02}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4CD10350-1CDA-4754-9956-64CAE1FAF873}" = lport=137 | protocol=17 | dir=in | app=system |
"{5412CD0C-5379-46EC-BB96-62D0B3E5573C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{54595F58-1C02-4055-A853-DF2A20AAA9C8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5BD80F1C-8922-443F-9098-EB5C6BCB4286}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6241BA2D-C6F2-4100-BF74-07A1574A14CB}" = lport=138 | protocol=17 | dir=in | app=system |
"{70CD9521-4D20-4EE5-9D78-24FD204D33D6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{75A58F5E-AEE2-407B-BE76-4C390746777D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8F866603-1856-4723-9147-AC4515895AC1}" = lport=445 | protocol=6 | dir=in | app=system |
"{93D4B401-6852-428D-88E3-5BFD1BCFF138}" = rport=138 | protocol=17 | dir=out | app=system |
"{9938E670-0719-4076-A998-A6411FDBC1D9}" = rport=445 | protocol=6 | dir=out | app=system |
"{9C63431B-CD8A-4E02-8EC6-7D56CB69A2A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AFC8069D-7D6B-43A1-9AD2-6BE5B286776A}" = rport=139 | protocol=6 | dir=out | app=system |
"{C0F27B3E-C6A8-457F-9A3D-70CBAF4727E2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C39C76BE-EA40-41B4-9EB7-007747F3A865}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD1D66E5-AEA1-4C05-8A1D-3E217B98B89C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DAADB97A-2B65-4998-AC3B-D5CB76F5561F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE093448-9C07-4CC8-8465-F917E3752CCF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E58D8ED7-F943-4C84-8116-71C8B04AFD32}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FD626BE5-E6EC-43FE-A8C5-DC84C403C08A}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10E267E6-2C8E-4CBF-B857-C77E43DAED51}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{126B9800-6550-4178-809A-B71552BFF76D}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{1636918C-1A10-4C9D-9B2C-70F662E8699F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2568C9A0-042C-4CF5-B630-2CFD4C0BF338}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{279C4EFA-7558-40A3-A86D-3190D1DFDB99}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2D1D0BBF-353D-438D-8547-03AADB6BA803}" = protocol=58 | dir=in | app=system |
"{36370D6E-87C4-48A1-9585-8A49F2AF6728}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{38BF62C5-9742-4D17-A4EF-CBFE2AA9B207}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{3A2ED56F-342B-4E91-B013-076795D25B53}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3F87B4D6-E1B4-446E-8B7B-2FB139A70725}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4C23D68B-59B1-4523-906E-A736AB7E6811}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{4E25F437-4B07-4B24-B9E0-ACABBC449F4E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{50BDC2A2-C534-4C12-B087-5F54C397BAB0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5AF57EBF-D339-44A3-942F-7729B59FE7D9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6475F34E-1219-44AF-BC77-F07A0E249E97}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6492D86F-0E8C-4A3F-A6F5-0310BC86FB38}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{714B6BAB-4D03-4F0A-922F-747FBDF2FCFF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{723ADD8D-1348-41C1-B3ED-95CAEBA32FB8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{74ACA3A1-0DFB-49BE-933D-8996179CFB7A}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{7AE61C7B-FCF4-47D7-A40F-7284CB08B914}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{8EB74A5C-780B-4CD4-BEEB-D47983E70BC7}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{964E4C14-254A-4465-B2F0-C2AFF7BDE121}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{96AC7A81-CE59-4FB9-9947-55B8F5BC7E16}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{981BD3B2-CAE7-411E-AA63-98D535CA65A3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9C302A67-CA68-4626-9EB0-BA53A2E01E13}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{A3E911CC-E672-4283-B164-3C5A0B2AEBCD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A7A80564-69F6-4DE4-96AA-6B8EBD70CB9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BBAFF495-1736-4405-9E28-B28DAFA089F9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C4361929-CF70-4467-B23B-516C852358A2}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{E055EEDA-0F0F-4205-8292-BAE5378BE250}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{E31F44CE-545B-44E5-B1DA-8AE464B087D0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E82A4F8B-347A-4C9A-83E2-82DAFBD0EBCC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EA51148E-7F88-4D5E-A586-39A637432A69}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{ED291FC9-7740-47CD-9841-A1BF36B40C1E}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{F6FB1E6F-1C18-4668-A713-6C527409290B}" = protocol=6 | dir=out | app=system |
"{FA2C86A4-B4EB-4F68-9646-2A2E19D034D7}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{FA475C68-BE95-46B2-A68D-6B0230A0BB63}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FC165801-6F06-40BD-80DB-DE804C1AC0AC}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{FE60F4E1-00E7-4D09-8C26-DA8E9EA3DB85}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{22135264-1C0F-4526-9E68-4577021649C4}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{293A7644-E418-4C59-9CF3-C6B607D81C84}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{5B6E1704-B516-4CAA-BE80-FCAD2C8BA39B}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{7FDE71AA-6A54-4E7B-8067-AD745708A82E}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{AC93D631-C12B-4EA2-AB8F-3FA6FB83D335}C:\program files\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"TCP Query User{B190D865-05E1-4512-A439-0C8EFDC2CE5F}C:\program files\icq7.6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
"TCP Query User{FECA0A2A-D178-4EB8-909A-B722C51CE84E}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{45C88631-38BB-435B-B05D-290BB3FA5ABE}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{4C77FF56-CE11-4526-8B0A-0B06E9F79A8F}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{4FFEFF37-5B17-48E6-8B40-F6C87C84A921}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{81E701CA-22A7-4967-8246-42CE5DE1981E}C:\program files\icq7.6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
"UDP Query User{9617B25D-0EFD-4468-A575-F69575E8C5A0}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{AD5A8067-5B77-4D0D-9A8C-CB6518B89555}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{BB0A8320-45A2-4FC4-8C8C-AC416619B989}C:\program files\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28A25E3A-2855-4A39-B72B-50BF80FB86C5}" = Windows Live Family Safety
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{67F04A32-38FA-4F77-AEDA-1EBA551605EC}" = ArcSoft TotalMedia Theatre 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{75E9CAA3-B336-439D-85FB-7C7B2ACA1A16}" = LivCam
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0405-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Czech) 2007
"{90120000-0017-0405-0000-0000000FF1CE}_OMUI.cs-cz_{13E6D9FD-5FE8-43A6-9874-515A50909DEF}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_OMUI.cs-cz_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.cs-cz_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.cs-cz_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_OMUI.cs-cz_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_OMUI.cs-cz_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0405-0000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2007
"{90120000-0100-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0405-0000-0000000FF1CE}" = Microsoft Office X MUI (Czech) 2007
"{90120000-0101-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}" = ZTE Drivers 1.2050.0.11
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{BB5E5F87-E939-4974-A006-2B4A2F60EEA3}_is1" = Game Park Console
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBBC37B3-6920-4C33-842F-EBD0B8E3FC74}" = ebi.BookReader3J
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35D5A5E-7739-49DB-8A0E-23E2E8F99D1A}" = Motorola Mobile Drivers Installation 5.9.0
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FAD8718D-950E-468D-BDE2-17D4D6F1EA6A}" = FontResizer
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"0429C83BF3D339C1124123DE7C09E7270401CD2F" = Balíček ovladače systému Windows - Sony Ericsson (s0016obex) Ports (04/24/2008 4.44.2.0)
"08E697F4E31A9ACFCBC25036CB330BA3395DDDCF" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (05/23/2007 1.0)
"0D41E334593358704ECFD9DF4A74E3F4B3D1FA1D" = Balíček ovladače systému Windows - Sony Ericsson (s115obex) Ports (04/23/2007 4.40.2.1)
"109D031BEF45E240AD9683FCD5C54D934FAA9318" = Balíček ovladače systému Windows - Sony Ericsson (s115bus) USB (04/23/2007 4.40.2.1)
"11D3A85AC16C73BEEBFEB2985C128C86EBA49D04" = Balíček ovladače systému Windows - Sony Ericsson (WinUSB) sa0101UsbDeviceClass (04/30/2010 2.0.0010.000022)
"135BA876F1731B81FED3C1FF03D3AC95795EE2F3" = Balíček ovladače systému Windows - Sony Ericsson Net (02/23/2011 6.0.6000.16489)
"16EDC03E692BE65607F19D23D9B29D14AC915B68" = Balíček ovladače systému Windows - Sony Ericsson (s0016mdm) Modem (04/24/2008 4.44.2.0)
"17204220872ED111F51F90FAB365F56414167791" = Balíček ovladače systému Windows - Sony Ericsson (s1029mgmt) Ports (05/20/2009 4.50.7.1)
"17D02EE7FF8F690E06CF9A7708F544AB0D4180D0" = Balíček ovladače systému Windows - Sony Ericsson (s1018mdm) Modem (03/19/2009 4.50.3.8)
"19D6155C7C034672471655447FAE7AD0B9D1734F" = Balíček ovladače systému Windows - Sony Ericsson (s0016mgmt) Ports (04/24/2008 4.44.2.0)
"1D334EB7332F440A6028CDF56FBE885997E59AFF" = Balíček ovladače systému Windows - Sony Ericsson (se3emgmt) Ports (04/10/2007 4.40.2.0)
"21A72D111CB856F48E8553B4A88146C2BC54A56E" = Balíček ovladače systému Windows - Sony Ericsson (s0017mgmt) Ports (10/01/2008 4.50.3.0)
"24546D57DA8218560E59BF3347D1351FDEBB50B7" = Balíček ovladače systému Windows - Sony Ericsson (s1039nd5) Net (03/05/2010 5.02.0.2)
"2613FC894CE6F419A0A5926E216959B93DD1B719" = Balíček ovladače systému Windows - Sony Ericsson (a016mdm) Modem (10/23/2007 4.42.0.0)
"262CB07C47460C8CEC34D6ECDCE2976E9AFF7229" = Balíček ovladače systému Windows - Sony Ericsson (s1029nd5) Net (05/20/2009 4.50.7.1)
"26DB22792BE9F17888E8A0D8584AF75CFF65475C" = Balíček ovladače systému Windows - Sony Ericsson (s1029bus) USB (05/20/2009 4.50.7.1)
"2DF1AB6122F363FFE09B7CC93FE1CD90FFFBF5B3" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (05/24/2007 1.1)
"2F93E6B0EC1639D421A9CCD8C06539D70A2C9D8D" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrmdm) Ports (12/26/2007 4.40.6.0)
"3038F810531A3119D8408813AB675523F4BD5634" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrmdm) Ports (12/26/2007 4.40.6.0)
"39CC6A9E9ECD57BCA435834B68588E59D4D1262E" = Balíček ovladače systému Windows - Sony Ericsson (se3ebus) USB (04/10/2007 4.40.2.0)
"39E83E1A16EC99A3551A9B7EE249E49CF43461B8" = Balíček ovladače systému Windows - Sony Ericsson Image (03/15/2010 1.0.1039.4)
"3B65F5281FAC2BDEC493E64B8E5BDC43DE0B94A6" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrmdmc) USB (12/26/2007 4.40.6.0)
"3C49648B12294915EBBBCB55F616F7A041FC1D18" = Balíček ovladače systému Windows - Sony Ericsson (s1039unic) USB (03/05/2010 5.02.0.2)
"3E15961F36095296129AD680597BCB32B73995AB" = Balíček ovladače systému Windows - Sony Ericsson (se3emdm) Modem (04/10/2007 4.40.2.0)
"4289980582B5E07F22B397BAD84B50FCA3917D22" = Balíček ovladače systému Windows - Sony Ericsson (s1018obex) Ports (03/19/2009 4.50.3.8)
"46250DAA3D263C8EEFA78F621BF514BFD19C225B" = Balíček ovladače systému Windows - Sony Ericsson Image (05/05/2008 1.0.0.0017)
"47A204C691C402BC5056438578C6E18BC3AE7437" = Balíček ovladače systému Windows - Sony Ericsson (s0017nd5) Net (10/01/2008 4.50.3.0)
"4ABA4C9DACE36B9B4789403BF98691A1C4BAAEA7" = Balíček ovladače systému Windows - Sony Ericsson (s115mdm) Modem (04/23/2007 4.40.2.1)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"54EA2ABFB38AEA1D8808B8D08E68201B9FDB025A" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrmdm) Modem (12/26/2007 4.40.6.0)
"57D40D26ECB043E4AD3C09AE0476B797343DA9BC" = Balíček ovladače systému Windows - Sony Ericsson (s0017bus) USB (10/01/2008 4.50.3.0)
"59A2AFF064B823BE53673BEE04D1F520823F56F5" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrobex) Ports (12/26/2007 4.40.6.0)
"6166182E0807B1F61A8C501DFE6EA4E5DFF5295F" = Balíček ovladače systému Windows - Sony Ericsson (WinUSB) sa0102AdbDeviceClass (02/23/2011 2.0.0010.20021)
"663EECF94410E12900879414313CF0662FB57E58" = Balíček ovladače systému Windows - Sony Ericsson (a016mgmt) Ports (10/23/2007 4.42.0.0)
"6780F07F8FC84A64A57296168DAD2A0463D659CE" = Balíček ovladače systému Windows - Sony Ericsson (a016obex) Ports (10/23/2007 4.42.0.0)
"689DD8E590BF4B776FBA3A5E38FD2F9A23FB0824" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (05/24/2007 1.1)
"709135B1DA9E308D1513FCD2EB36A6A8C8CD7CD0" = Balíček ovladače systému Windows - Sony Ericsson (s916mgmt) Ports (09/05/2007 4.40.8.1)
"75E902C9B20895327D1E6BF88286F8CC614B7245" = Balíček ovladače systému Windows - Sony Ericsson (s0016bus) USB (04/24/2008 4.44.2.0)
"7D74DC13D399488BE61FE2D0C92555961BE47BEE" = Balíček ovladače systému Windows - Sony Ericsson (s916mdm) Modem (09/05/2007 4.40.8.1)
"81F81A8A63F4CC87AE4982DB853BC382E55C1A4C" = Balíček ovladače systému Windows - Sony Ericsson (s1018unic) USB (03/19/2009 4.50.3.8)
"8A7F5671EC779A9A82F2E6209E43A4E0C1816E02" = Balíček ovladače systému Windows - Sony Ericsson (a016bus) USB (10/23/2007 4.42.0.0)
"8D269E962B10AF71808080CF7F33CC94772B1446" = Balíček ovladače systému Windows - Sony Ericsson (s0016unic) USB (04/24/2008 4.44.2.0)
"9242EC6DBC52A93FDA84B5FE2B02653CEA3D98AE" = Balíček ovladače systému Windows - Sony Ericsson (s1039mdm) Modem (03/05/2010 5.02.0.2)
"96AED80AC6A53E68E8699AB48F8AF24C84C7615C" = Balíček ovladače systému Windows - Sony Ericsson Image (05/25/2009 1.0.1029.2)
"9D436EB62113A1B8D4005A5FF7972FA212310015" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (03/26/2007 1.0)
"A48268F8402FB24EA6170A60F5983FB76490F8AA" = Balíček ovladače systému Windows - Sony Ericsson (s1029mdm) Modem (05/20/2009 4.50.7.1)
"A50817ADD6FCBB0F8698362990089F725794BF68" = Balíček ovladače systému Windows - Sony Ericsson (s916obex) Ports (09/05/2007 4.40.8.1)
"AA95F906B038B74C48CE136D1E4807F7CAC19AE4" = Balíček ovladače systému Windows - Sony Ericsson (s1039obex) Ports (03/05/2010 5.02.0.2)
"AAA1C5FD85F0DB2A12BC54F4F54474B941E09678" = Balíček ovladače systému Windows - Sony Ericsson (s1029obex) Ports (05/20/2009 4.50.7.1)
"ADA4E68BF676A857D1E0709BB35F7F6429668027" = Balíček ovladače systému Windows - Sony Ericsson (s1039mgmt) Ports (03/05/2010 5.02.0.2)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AFCC6BDFC2FB2718653394000206D98BECAAC196" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrbus) USB (12/26/2007 4.40.6.0)
"ASUS VIBE" = ASUS VIBE
"Asus WebStorage" = Asus WebStorage
"ASUS_EeePC1201N_Screensaver_EN" = ASUS_EeePC1201N_Screensaver_EN
"B2266955B3401017D8B83D9CAF4EB5EB9F4D0897" = Balíček ovladače systému Windows - Sony Ericsson (s0016nd5) Net (04/24/2008 4.44.2.0)
"B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)
"B435435D376F485661EFD193425286C49D67E5C3" = Balíček ovladače systému Windows - Sony Ericsson (s1029unic) USB (05/20/2009 4.50.7.1)
"B5C82F3814F82FB37F1513B3185399BD88892B08" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)
"BB70AAAEA6B28AAD780824FAD3581FD3B7C40EC6" = Balíček ovladače systému Windows - Sony Ericsson (s125mdm) Modem (04/24/2007 4.40.2.0)
"BE4863572DB309FF278A84708BBD66E3E249030E" = Balíček ovladače systému Windows - Sony Ericsson (s115mgmt) Ports (04/23/2007 4.40.2.1)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"C1C66E8B6A1F5FEA6A4BD682014FA9E74B9B3D21" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrceb) System (12/26/2007 4.40.6.0)
"C9679607CAD739A6F2468D9FA3B23E6825535AE9" = Balíček ovladače systému Windows - Sony Ericsson (se3eobex) Ports (04/10/2007 4.40.2.0)
"CA03B33EE331A54BD1E0401C924B76C6BE073CE5" = Balíček ovladače systému Windows - Sony Ericsson Image (03/25/2009 1.0.1018.7)
"CA4B4019807155E4031A3E9EA29D8D3B29E9AED3" = Balíček ovladače systému Windows - Sony Ericsson (s1039bus) USB (03/05/2010 5.02.0.2)
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner (remove only)
"CF7C7CDF0D9B1E9060AF7ACF8799ECAA751939EF" = Balíček ovladače systému Windows - Sony Ericsson (s0017mdm) Modem (10/01/2008 4.50.3.0)
"DBDCD462675537E6100CD8C8CF596F8719E36722" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB Image (10/28/2009 1.0.5.1)
"DE0847AF689430C84177751A3AB96DCE27768B4D" = Balíček ovladače systému Windows - Sony Ericsson (s916bus) USB (09/05/2007 4.40.8.1)
"DE63012B1E5F3E285AE7085001B9FAA11C715ABC" = Balíček ovladače systému Windows - Sony Ericsson (s1018mgmt) Ports (03/19/2009 4.50.3.8)
"Defraggler" = Defraggler
"E14B5972CD0723A804C5C1A7E57034DDBB36BF91" = Balíček ovladače systému Windows - Sony Ericsson (s125obex) Ports (04/24/2007 4.40.2.0)
"E4B0822B08012168DF40F5D97B91A18C81F791F2" = Balíček ovladače systému Windows - Sony Ericsson (s0017obex) Ports (10/01/2008 4.50.3.0)
"E505647D47DAF2622883E65DD8BF04C393FDCDCB" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB USB (12/26/2007 4.40.6.0)
"E797F532099E0E303F01468443198C5B5CABBDD5" = Balíček ovladače systému Windows - Sony Ericsson (s1018nd5) Net (03/19/2009 4.50.3.8)
"Eee Docking_is1" = Eee Docking 3.3.0
"F33D7CFC00F5F23AB61B26F60D76965B226EB223" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrsce) Ports (12/26/2007 4.40.6.0)
"F4268692E420234745EDD92C0DC1C84D4C2066FC" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (usbser) Modem (10/28/2009 1.0.5.1)
"FCCEA9CB401AFFF1FD9C03E20273628B00BCF2C2" = Balíček ovladače systému Windows - Sony Ericsson (s1018bus) USB (03/19/2009 4.50.3.8)
"FE8F10E0347BEDB8A4A80D75F52B12DF0EE97938" = Balíček ovladače systému Windows - Sony Ericsson (s125bus) USB (04/24/2007 4.40.2.0)
"FF230A83312D8BE69110F99FCD33E0F71378A140" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (05/29/2007 1.2)
"FFE433FB002FF1581FDC39452713A90091DA0306" = Balíček ovladače systému Windows - Sony Ericsson (s0017unic) USB (10/01/2008 4.50.3.0)
"FFE7AE445D5E541BA859B545F9A436F387D79A9E" = Balíček ovladače systému Windows - Sony Ericsson (s125mgmt) Ports (04/24/2007 4.40.2.0)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.7.0 (Full)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"NVIDIA Drivers" = NVIDIA Drivers
"OMUI.cs-cz" = Microsoft Office Language Pack 2007 - Czech/èeština
"OOBERegBackup_is1" = OOBERegBackup
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2022747962-2378394095-1932718884-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"szn-software-postak" = Seznam Pošťák 2 (Pouze já.)
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.1.2012 13:59:29 | Computer Name = Hanka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WINWORD.EXE, verze: 12.0.6612.1000, časové
razítko: 0x4e725e75 Název chybujícího modulu: MSVCR80.dll, verze: 8.0.50727.6195,
časové razítko: 0x4dcddbf3 Kód výjimky: 0xc000000d Posun chyby: 0x00012640 ID chybujícího
procesu: 0xc9c Čas spuštění chybující aplikace: 0x01cccf991daa74f0 Cesta k chybující
aplikaci: C:\Program Files\Microsoft Office\Office12\WINWORD.EXE Cesta k chybujícímu
modulu: C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
ID
zprávy: d6ff86c0-3bb4-11e1-a6b7-1c4bd6013dfe

Error - 10.1.2012 14:01:25 | Computer Name = Hanka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WINWORD.EXE, verze: 12.0.6612.1000, časové
razítko: 0x4e725e75 Název chybujícího modulu: MSVCR80.dll, verze: 8.0.50727.6195,
časové razítko: 0x4dcddbf3 Kód výjimky: 0xc000000d Posun chyby: 0x00012640 ID chybujícího
procesu: 0x15d0 Čas spuštění chybující aplikace: 0x01cccfc1a1447630 Cesta k chybující
aplikaci: C:\Program Files\Microsoft Office\Office12\WINWORD.EXE Cesta k chybujícímu
modulu: C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
ID
zprávy: 1c3767d0-3bb5-11e1-a6b7-1c4bd6013dfe

Error - 11.1.2012 13:01:49 | Computer Name = Hanka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: postak.exe, verze: 0.0.0.0, časové razítko:
0x4cac8b5b Název chybujícího modulu: postak.exe, verze: 0.0.0.0, časové razítko:
0x4cac8b5b Kód výjimky: 0x40000015 Posun chyby: 0x0000ff0b ID chybujícího procesu:
0xf98 Čas spuštění chybující aplikace: 0x01ccd081e0294f40 Cesta k chybující aplikaci:
C:\Users\Hanka\AppData\Local\Seznam.cz\postak.exe Cesta k chybujícímu modulu: C:\Users\Hanka\AppData\Local\Seznam.cz\postak.exe
ID
zprávy: f2cdcf80-3c75-11e1-84aa-1c4bd6013dfe

Error - 12.1.2012 16:11:42 | Computer Name = Hanka-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 14.1.2012 9:46:29 | Computer Name = Hanka-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 16.1.2012 16:27:51 | Computer Name = Hanka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: MiniBrowser.exe, verze: 1.0.0.1, časové
razítko: 0x4f0c4840 Název chybujícího modulu: MiniBrowser.exe, verze: 1.0.0.1, časové
razítko: 0x4f0c4840 Kód výjimky: 0xc0000005 Posun chyby: 0x0001c8ed ID chybujícího
procesu: 0x5d8 Čas spuštění chybující aplikace: 0x01ccd48d29991fc0 Cesta k chybující
aplikaci: C:\Users\Hanka\AppData\Local\Seznam.cz\bin\MiniBrowser.exe Cesta k chybujícímu
modulu: C:\Users\Hanka\AppData\Local\Seznam.cz\bin\MiniBrowser.exe ID zprávy: 8f8b2d00-4080-11e1-ab7a-1c4bd6013dfe

Error - 18.1.2012 13:46:30 | Computer Name = Hanka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: MiniBrowser.exe, verze: 1.0.0.1, časové
razítko: 0x4f0c4840 Název chybujícího modulu: MiniBrowser.exe, verze: 1.0.0.1, časové
razítko: 0x4f0c4840 Kód výjimky: 0xc0000005 Posun chyby: 0x0001c8ed ID chybujícího
procesu: 0x1304 Čas spuštění chybující aplikace: 0x01ccd608f2a0ca40 Cesta k chybující
aplikaci: C:\Users\Hanka\AppData\Local\Seznam.cz\bin\MiniBrowser.exe Cesta k chybujícímu
modulu: C:\Users\Hanka\AppData\Local\Seznam.cz\bin\MiniBrowser.exe ID zprávy: 5a414300-41fc-11e1-bddd-1c4bd6013dfe

Error - 19.1.2012 14:52:37 | Computer Name = Hanka-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 23.1.2012 10:16:47 | Computer Name = Hanka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: MiniBrowser.exe, verze: 1.0.0.1, časové
razítko: 0x4f0c4840 Název chybujícího modulu: MiniBrowser.exe, verze: 1.0.0.1, časové
razítko: 0x4f0c4840 Kód výjimky: 0xc0000005 Posun chyby: 0x0001c8ed ID chybujícího
procesu: 0x14b0 Čas spuštění chybující aplikace: 0x01ccd9d9624918b0 Cesta k chybující
aplikaci: C:\Users\Hanka\AppData\Local\Seznam.cz\bin\MiniBrowser.exe Cesta k chybujícímu
modulu: C:\Users\Hanka\AppData\Local\Seznam.cz\bin\MiniBrowser.exe ID zprávy: e1cf84c0-45cc-11e1-8885-1c4bd6013dfe

Error - 24.1.2012 12:30:57 | Computer Name = Hanka-PC | Source = Application Error | ID = 1000
Error - 24.1.2012 12:32:13 | Computer Name = Hanka-PC | Source = Application Error
| ID = 1000

Description = Název chybující aplikace: ICQ.exe, verze: 7.6.0.5620, časové razítko: 0x4e899b5e
Název chybujícího modulu: Flash10k.ocx, verze: 10.1.85.3, časové razítko: 0x4c900ef8
Kód výjimky: 0xc0000005
Posun chyby: 0x00189cef
ID chybujícího procesu: 0x1644
Čas spuštění chybující aplikace: 0x01ccdaae07a479b0
Cesta k chybující aplikaci: C:\Program Files\ICQ7.6\ICQ.exe
Cesta k chybujícímu modulu: C:\windows\system32\Macromed\Flash\Flash10k.ocx
ID zprávy: f7dcfa90-46a8-11e1-a700-1c4bd6013dfe

Error encountered while reading event logs.

< End of report >

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 12 říj 2012 09:43
od Márty84
:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\SearchScopes\{22805593-6291-4A28-9383-8C21934AB4B8}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =827316&p={searchTerms}
IE - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... sk27211&q={searchTerms}
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=827316&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
[2011.07.24 18:59:37 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.02.22 19:55:04 | 000,001,034 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\searchplugins\icqplugin.xml
O3 - HKU\S-1-5-21-2022747962-2378394095-1932718884-1001\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
[17 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:70558875
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:9E22BBE8
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:84744B34
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:B6BABAE1
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:3BAD46F6
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:390B30B4
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.




:arrow: Bohuzel, OTL taky hlasi jen cast te RAMky

Zkuste toto http://www.windowstipy.cz/clanky/jak-na ... windows-7/

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 12 říj 2012 12:31
od hannah11
zasílám nový log

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Hanka
->Temp folder emptied: 712148 bytes
->Temporary Internet Files folder emptied: 18357938 bytes
->Java cache emptied: 1790195 bytes
->FireFox cache emptied: 325772477 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1214 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 21208 bytes
RecycleBin emptied: 120320068 bytes

Total Files Cleaned = 445,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Hanka
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2022747962-2378394095-1932718884-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2022747962-2378394095-1932718884-1001\Software\Microsoft\Internet Explorer\SearchScopes\{22805593-6291-4A28-9383-8C21934AB4B8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22805593-6291-4A28-9383-8C21934AB4B8}\ not found.
Registry key HKEY_USERS\S-1-5-21-2022747962-2378394095-1932718884-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.yahoo.com/search?fr=green ... =827316&p=" removed from keyword.URL
Prefs.js: "chr-greentree_ff&type=827316" removed from browser.search.param.yahoo-fr
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll not found.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\63tlj1rk.default\searchplugins\icqplugin.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-2022747962-2378394095-1932718884-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2AD9.tmp\WindowsLive.Writer.HtmlEditor.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2AD9.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3E6.tmp\AspNetMMCExt.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3E6.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4430.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP474C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D74.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP66EF.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6834.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7B78.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP88E0.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP88FE.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9A35.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA5D0.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB4CE.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD96D.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDEBC.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF24E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFAA4.tmp folder deleted successfully.
C:\windows\Installer\MSI6159.tmp deleted successfully.
C:\windows\Installer\MSI6496.tmp deleted successfully.
C:\windows\Installer\MSIDAAD.tmp deleted successfully.
ADS C:\ProgramData\Temp:70558875 deleted successfully.
ADS C:\ProgramData\Temp:9E22BBE8 deleted successfully.
ADS C:\ProgramData\Temp:84744B34 deleted successfully.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
ADS C:\ProgramData\Temp:B6BABAE1 deleted successfully.
ADS C:\ProgramData\Temp:3BAD46F6 deleted successfully.
ADS C:\ProgramData\Temp:390B30B4 deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 10122012_124932

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 12 říj 2012 13:38
od hannah11
zkoušela jsem diagnostiku RAM ve W7, jak jste poradil, ale hlásí mi to, že je vše v pořádku, bez chyb. Ale je to zvláštní, zasílám technické parametry noťase, jestli to k něčemu pomůže

Procesor Frekvence procesoru [MHz]: 1 600
Typ procesoru: Intel Atom Displej/Grafika Grafická karta: nVidia ION
Rozlišení displeje: 1366 x 768
Typ displeje: WXGA
Optická mechanika/Pevný disk Optická mechanika: bez mechaniky
Počet pevných disků: 1
Velikosti úložného prostoru HDD (součet) [GB]: 250
Operační paměť Operační paměť: DDR2
Velikost operační paměti [MB]: 2 048
Připojení k síti Bluetooth: Ano
Typ síťové karty: 10/100
Wireless LAN (WiFi): Ano
Rozhraní HDMI port: Ano
VGA port: Ano
Webkamera: Ano
Hmotnost [kg]: 1,46
Předpokládaná doba výdrže (hodiny) "až": 5
Ostatní parametry LAN: Ano
Předinstalovaný OS: Windows 7 Home Premium
Výrobce grafického čipu: Intel

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 12 říj 2012 17:51
od Márty84
Cisteni zatim odlozime.

Napsal jsem kolegovi MiliNessovi, ktery se specializuje na HW. Byva tu hlavne v noci, tak az bude mit cas, neco vam snad napise :)

Kdyz se podivate do Ovladacich panelu, do Spravce zarizeni, nemate tam nejake vykricniky, nebo otazniky?

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 12 říj 2012 18:54
od hannah11
otazník mám jen u dalších zařízení, když rozkliknu, tak vykřičníky, 3x periferní zařízení bluetooth a 1x WD SES Device USB Device, ale to s tím asi nemá nic společného, že?


jinak děkuji za pomoc a k čištění se vrátíme, až bude vše vyřešeno?

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 12 říj 2012 19:02
od Márty84
Nemelo by to souviset, ale kdyz jde o pc, uz neverim nicemu, mozne je vsechno :lol:

Ano, az se proveri ta RAMka, docistime a uklidime :wink: Nevim totiz, co bude kolega chtit videt a mohli bychom mu treba neco nechtene smazat :)

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 12 říj 2012 22:15
od MiliNess
Ahoj, pravděpodobně bude vadný jeden paměťový modul nebo základní deska. To také bude důvod zpomalení.
Jaký je to typ NTB?
Stáhni a nainstaluj Everest, spusť ho, v pravo klikni na Zkladní deska, nahoře v nabídce Zpráva
zvol Rychlá zpráva a ulož to do MHTML. Výsledný soubor upni třeba na http://www.leteckaposta.cz.

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 13 říj 2012 13:12
od hannah11
Ahoj, je to Asus EEE PC 1201 n

zasílám odkaz na leteckou poštu, kde najdeš soubor z Everestu

http://leteckaposta.cz/716163784

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 13 říj 2012 21:24
od MiliNess
Nevím proč, ale ta zpráva je prázdná. Zkus udělat kompletní zprávu.

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 14 říj 2012 14:01
od hannah11
Zasílám odkaz na kompletní zprávu, snad to již půjde

http://leteckaposta.cz/907821845

a jestli ne, tak tady je ještě odkaz na tu zprávu ve wordu

http://leteckaposta.cz/734641294

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 14 říj 2012 22:45
od MiliNess
Já tam vidím oba moduly. Spusť ještě Správce úloh, přepni se na záložku Výkon, sejmi screen a hoď ho sem.

Re: zpomalený ntb, prosím o kontrolu logu

Napsal: 15 říj 2012 09:02
od hannah11
Takže když vidíš oba moduly, tak je chyba asi v RAM ane ve slotu, ne? Což by bylo asi lepší, než kdyby byla vadná základní deska. Screen pošlu večer, ale co jsem se předběžně dívala, pořád mi to ukazuje paměť jen kolem 700, takže jedna RAMka chybí.
Všechny časy jsou v UTC+01:00
Stránka 2 z 4

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz