Kontrola pomaleho PC

Zpráva

alesheek · #16 Příspěvek od **alesheek** » 03 bře 2015 22:20

výsledok ZOEK... neviem, či to bude správne, stále tam boli nejaké hlášky, že sa to nenainštalovalo správne, že je to malware, a pri kliknutí pravým som tam nevidel možnosť spustiť ako správca, tak snáď to bude mať nejaký efekt.

Zoek.exe v5.0.0.0 Updated 01-March-2015
Tool run by Alesh on ut 03. 03. 2015 at 20:35:46,81.
Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Alesh\Desktop\zoek.scr [Scan all users] [Script inserted]

==== System Restore Info ======================

3. 3. 2015 20:39:35 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Common Files\Symantec Shared deleted successfully
C:\PROGRA~2\Symantec deleted successfully
C:\PROGRA~2\WinZip deleted successfully
C:\PROGRA~2\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted successfully
C:\PROGRA~2\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A} deleted successfully
C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully
C:\PROGRA~2\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} deleted successfully
C:\Users\Alesh\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Alesh\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Alesh\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-659952617-10003028-4047496890-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98D6E2AD-7673-4742-8B34-6D327771A66D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98D6E2AD-7673-4742-8B34-6D327771A66D} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Alesh\AppData\Roaming\Mozilla\Firefox\Profiles\wq6a5du9.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.com/?trackid=sp-006");
user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.defaultenginename", "Google (avast)");
user_pref("browser.search.selectedEngine", "Google (avast)");
user_pref("browser.search.order.1", "Google (avast)");
user_pref("keyword.URL", "https://www.google.com/search/?trackid=sp-006");

Added to C:\Users\Alesh\AppData\Roaming\Mozilla\Firefox\Profiles\wq6a5du9.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\{32364CEA-7855-4A3C-B674-53D8E9B97936} not found
C:\PROGRA~2\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A} not found
C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found
C:\PROGRA~2\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} not found
C:\Windows\system32\appdata deleted
C:\Windows\System32\Tasks\avast! Emergency Update deleted
C:\Users\Alesh\AppData\LocalLow\boost_interprocess deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Users\Alesh\AppData\Local\MSGBOX.EXE deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Alesh\AppData\Roaming\Mozilla\Firefox\Profiles\wq6a5du9.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5" [14. 06. 2012 17:10]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\Alesh\AppData\Roaming\Mozilla\Firefox\Profiles\wq6a5du9.default
98137411B9C632095F919E2CE70B288A - C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update
C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash
E7006BB5611298DBDD03FE3519C19AC2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U25
238F239EAEFF7E3E782913D599084E18 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.250.18
39309FEDDFA73FAE29EC99A07A55A3E8 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
647670C013AD60DA6F94B6881E6AC9E4 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
A66A630E101E7B5CF0946F34935660CC - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player
B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in
8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.115 (Up to date, latest Stable version: 40.0.2214.115)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[17. 12. 2014 16:44]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12. 12. 2011 14:13]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
dhdgffkkebhmkfjojejmpbldmpobfkfo - No path found[]

Tampermonkey - Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Users\Alesh\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alesh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=8 folders=6 112272 bytes)

==== Empty Temp Folders ======================

C:\Users\Alesh\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Alesh\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Alesh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on ut 03. 03. 2015 at 22:13:27,29 ======================

#17 Příspěvek od **Márty84** » 04 bře 2015 09:59

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

alesheek · #18 Příspěvek od **alesheek** » 07 bře 2015 11:30

Ospravedlňujem sa, že posielam log až teraz, nechcel som to súušťať cez týždeň, keď som PC potreboval k práci, ak by náhodou niečo nešlo.

K reštartu PC nedošlo. Tu je log.

ComboFix 15-03-01.01 - Alesh . 03. 2015 11:05:10.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.421.1051.18.3035.1795 [GMT 1:00]
Running from: c:\users\Alesh\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\3D1B2F4BD2.sys
.
.
((((((((((((((((((((((((( Files Created from 2015-02-07 to 2015-03-07 )))))))))))))))))))))))))))))))
.
.
2015-03-07 10:22 . 2015-03-07 10:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-06 08:21 . 2015-03-06 08:21 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B8424CF9-89C0-4B51-9A77-9C323602E896}\offreg.dll
2015-03-06 07:53 . 2015-01-29 09:49 9041640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B8424CF9-89C0-4B51-9A77-9C323602E896}\mpengine.dll
2015-03-03 21:10 . 2014-02-13 22:59 24064 ----a-w- c:\windows\zoek-delete.exe
2015-03-03 21:10 . 2015-03-07 10:22 -------- d-----w- c:\users\Alesh\AppData\Local\Temp
2015-03-03 19:35 . 2015-03-03 20:55 -------- d-----w- C:\zoek_backup
2015-03-01 08:24 . 2015-03-01 08:24 -------- d-----w- c:\program files\Defraggler
2015-03-01 08:10 . 2015-03-01 08:10 -------- d-----w- c:\program files\CCleaner
2015-02-27 21:34 . 2015-02-27 21:35 -------- d-----w- c:\program files\trend micro
2015-02-14 12:32 . 2014-11-26 02:05 564224 ----a-w- c:\windows\system32\oleaut32.dll
2015-02-14 12:31 . 2015-01-09 00:20 2063360 ----a-w- c:\windows\system32\win32k.sys
2015-02-14 12:29 . 2015-01-13 01:39 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-14 12:23 . 2015-01-15 04:13 440760 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-02-14 12:22 . 2014-12-08 01:59 306176 ----a-w- c:\windows\system32\scesrv.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-28 13:05 . 2014-09-25 21:29 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-24 02:23 . 2010-07-20 16:53 246920 ------w- c:\windows\system32\MpSigStub.exe
2015-02-06 08:52 . 2012-03-31 08:49 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-06 08:52 . 2011-05-18 16:19 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-04 15:29 . 2015-01-04 15:30 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-12-20 09:53 . 2011-08-19 20:21 2828 --sha-w- c:\programdata\KGyGaAvL.sys
2014-12-19 00:25 . 2015-01-16 18:23 115200 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-17 15:46 . 2011-03-05 23:04 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-12-17 15:46 . 2010-07-19 19:03 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-12-17 15:45 . 2010-07-19 19:03 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-12-17 15:45 . 2014-05-24 15:42 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-12-17 15:45 . 2013-06-02 15:55 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-12-17 15:45 . 2013-06-02 15:55 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-12-17 15:45 . 2010-07-19 19:03 55240 ----a-w- c:\windows\system32\drivers\aswrdr.sys
2014-12-17 15:45 . 2010-07-19 19:03 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-12-17 15:45 . 2014-12-17 15:45 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-12-17 15:45 . 2014-12-17 15:45 43152 ----a-w- c:\windows\avastSS.scr
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-17 15:45 723976 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-02-19 13:24 576840 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-02-19 13:24 576840 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-02-19 13:24 576840 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-02-19 13:24 576840 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-02-19 13:24 576840 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-02-19 13:24 576840 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-02-19 5503768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-12-17 186904]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-02-18 177720]
"HPCam_Menu"="c:\program files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2015-01-27 5227112]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-12-11 1310720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2008-08-06 13:23 69632 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^Alesh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 1510 series.lnk]
path=c:\users\Alesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk
backup=c:\windows\pss\Monitor Ink Alerts - HP Deskjet 1510 series.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Alesh\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Health Check Scheduler"=c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-21 06:37 1084744 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-Wdf01000.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-03-07 11:22
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2015-03-07 11:26:28
ComboFix-quarantined-files.txt 2015-03-07 10:26
.
Pre-Run: 117 763 571 712 bytes free
Post-Run: 117 677 506 560 bytes free
.
- - End Of File - - 2CC47F4502C943EC93ECBF3210134DA5
5C616939100B85E558DA92B899A0FC36

#19 Příspěvek od **Márty84** » 07 bře 2015 15:24

Vypnete trvale Windows Defender.

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=-
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"DivXUpdate"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"GrooveMonitor"=-

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

DDS::
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\*

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

alesheek · #20 Příspěvek od **alesheek** » 07 bře 2015 18:16

ComboFix 15-03-01.01 - Alesh . 03. 2015 17:43:25.2.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.421.1051.18.3035.2093 [GMT 1:00]
Running from: c:\users\Alesh\Desktop\ComboFix.exe
Command switches used :: c:\users\Alesh\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2015-02-07 to 2015-03-07 )))))))))))))))))))))))))))))))
.
.
2015-03-07 17:00 . 2015-03-07 17:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-06 07:53 . 2015-01-29 09:49 9041640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B8424CF9-89C0-4B51-9A77-9C323602E896}\mpengine.dll
2015-03-03 21:10 . 2014-02-13 22:59 24064 ----a-w- c:\windows\zoek-delete.exe
2015-03-03 21:10 . 2015-03-07 17:04 -------- d-----w- c:\users\Alesh\AppData\Local\Temp
2015-03-03 19:35 . 2015-03-03 20:55 -------- d-----w- C:\zoek_backup
2015-03-01 08:24 . 2015-03-01 08:24 -------- d-----w- c:\program files\Defraggler
2015-03-01 08:10 . 2015-03-01 08:10 -------- d-----w- c:\program files\CCleaner
2015-02-27 21:34 . 2015-02-27 21:35 -------- d-----w- c:\program files\trend micro
2015-02-14 12:32 . 2014-11-26 02:05 564224 ----a-w- c:\windows\system32\oleaut32.dll
2015-02-14 12:31 . 2015-01-09 00:20 2063360 ----a-w- c:\windows\system32\win32k.sys
2015-02-14 12:29 . 2015-01-13 01:39 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-14 12:23 . 2015-01-15 04:13 440760 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-02-14 12:22 . 2014-12-08 01:59 306176 ----a-w- c:\windows\system32\scesrv.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-28 13:05 . 2014-09-25 21:29 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-24 02:23 . 2010-07-20 16:53 246920 ------w- c:\windows\system32\MpSigStub.exe
2015-02-06 08:52 . 2012-03-31 08:49 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-06 08:52 . 2011-05-18 16:19 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-04 15:29 . 2015-01-04 15:30 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-12-20 09:53 . 2011-08-19 20:21 2828 --sha-w- c:\programdata\KGyGaAvL.sys
2014-12-19 00:25 . 2015-01-16 18:23 115200 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-17 15:46 . 2011-03-05 23:04 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-12-17 15:46 . 2010-07-19 19:03 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-12-17 15:45 . 2010-07-19 19:03 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-12-17 15:45 . 2014-05-24 15:42 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-12-17 15:45 . 2013-06-02 15:55 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-12-17 15:45 . 2013-06-02 15:55 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-12-17 15:45 . 2010-07-19 19:03 55240 ----a-w- c:\windows\system32\drivers\aswrdr.sys
2014-12-17 15:45 . 2010-07-19 19:03 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-12-17 15:45 . 2014-12-17 15:45 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-12-17 15:45 . 2014-12-17 15:45 43152 ----a-w- c:\windows\avastSS.scr
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-17 15:45 723976 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-02-19 13:24 576840 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-02-19 13:24 576840 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-02-19 13:24 576840 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-02-19 13:24 576840 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-02-19 13:24 576840 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-02-19 13:24 576840 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-12-17 186904]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-02-18 177720]
"HPCam_Menu"="c:\program files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2015-01-27 5227112]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-12-11 1310720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2008-08-06 13:23 69632 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^Alesh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 1510 series.lnk]
path=c:\users\Alesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk
backup=c:\windows\pss\Monitor Ink Alerts - HP Deskjet 1510 series.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Health Check Scheduler"=c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-21 06:37 1084744 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-03-07 18:04
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Hpservice.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Completion time: 2015-03-07 18:10:32 - machine was rebooted
ComboFix-quarantined-files.txt 2015-03-07 17:10
ComboFix2.txt 2015-03-07 10:26
.
Pre-Run: 117 703 372 800 bytes free
Post-Run: 117 718 687 744 bytes free
.
- - End Of File - - 03FAA69CF9866ACA5D3A0039231247EF
5C616939100B85E558DA92B899A0FC36

#21 Příspěvek od **Márty84** » 07 bře 2015 20:56

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

alesheek · #22 Příspěvek od **alesheek** » 07 bře 2015 23:08

OTL logfile created on: 7. 3. 2015 21:11:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alesh\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19600)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,96 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 52,05% Memory free
6,14 Gb Paging File | 4,75 Gb Available in Paging File | 77,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 165,76 Gb Total Space | 109,68 Gb Free Space | 66,17% Space Free | Partition Type: NTFS
Drive D: | 300,00 Gb Total Space | 253,14 Gb Free Space | 84,38% Space Free | Partition Type: NTFS

Computer Name: ALESHEEK | User Name: Alesh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/03/07 21:08:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alesh\Desktop\OTL.exe
PRC - [2015/02/17 23:45:00 | 000,843,592 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2015/01/27 06:18:07 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\avastui.exe
PRC - [2014/12/17 16:45:12 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008/12/17 01:37:46 | 000,354,840 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE
PRC - [2008/08/26 23:02:24 | 000,014,336 | ---- | M] (Agere Systems) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008/07/15 21:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007/07/24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/01/04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

========== Modules (No Company Name) ==========

MOD - [2015/02/17 23:44:57 | 009,171,272 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\40.0.2214.115\pdf.dll
MOD - [2014/12/17 16:45:46 | 038,562,088 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll
MOD - [2014/02/10 12:44:24 | 004,592,128 | ---- | M] () -- C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
MOD - [2014/02/10 12:44:24 | 000,112,128 | ---- | M] () -- C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
MOD - [2009/02/03 20:00:00 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2001/08/10 13:23:14 | 000,388,608 | ---- | M] () -- C:\Program Files\TEXTware\QUICKfind\PlugIns\IEHelp.dll

========== Services (SafeList) ==========

SRV - [2014/12/17 16:45:12 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008/12/17 01:37:46 | 000,354,840 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE -- (IAANTMON)
SRV - [2008/08/26 23:02:24 | 000,014,336 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/08/06 14:24:40 | 000,349,432 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\Windows\System32\flcdlock.exe -- (FLCDLOCK)
SRV - [2008/07/15 21:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2008/04/08 20:12:50 | 001,112,560 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008/01/21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/01/04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/12/14 01:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 01:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 00:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Alesh\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2014/12/17 16:46:24 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/12/17 16:46:14 | 000,423,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/12/17 16:45:53 | 000,057,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/12/17 16:45:52 | 000,206,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/12/17 16:45:52 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/12/17 16:45:52 | 000,055,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswrdr.sys -- (aswRdr)
DRV - [2014/12/17 16:45:52 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/12/17 16:45:52 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2012/03/07 00:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011/05/13 17:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011/05/13 17:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2011/01/01 17:21:35 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/03/02 13:54:56 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010/03/02 13:54:56 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010/03/02 13:54:56 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010/02/22 09:06:42 | 000,009,216 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009/03/26 05:39:14 | 001,765,168 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/02/19 20:17:00 | 000,095,760 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/02/03 22:29:00 | 004,303,360 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/11/21 20:53:40 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/08/06 13:43:30 | 000,032,256 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DAMDrv.sys -- (DAMDrv)
DRV - [2007/06/18 15:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/04/17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-659952617-10003028-4047496890-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B0 16 65 AC BB 69 CE 01 [binary data]
IE - HKU\S-1-5-21-659952617-10003028-4047496890-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-659952617-10003028-4047496890-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-659952617-10003028-4047496890-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-659952617-10003028-4047496890-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-659952617-10003028-4047496890-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Google (avast)"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2015/02/01 19:46:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/06/14 17:10:01 | 000,000,000 | ---D | M]

[2013/10/13 18:13:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alesh\AppData\Roaming\mozilla\Extensions
[2015/01/22 22:42:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alesh\AppData\Roaming\mozilla\Firefox\Profiles\wq6a5du9.default\extensions
[2014/12/17 08:27:08 | 000,002,428 | ---- | M] () -- C:\Users\Alesh\AppData\Roaming\mozilla\firefox\profiles\wq6a5du9.default\searchplugins\google-avast.xml
[2014/11/16 09:22:01 | 000,002,823 | ---- | M] () -- C:\Users\Alesh\AppData\Roaming\mozilla\firefox\profiles\wq6a5du9.default\searchplugins\Google.xml
[2010/12/09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.11_0\
CHR - Extension: No name found = C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.10.3_0\
CHR - Extension: No name found = C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: No name found = C:\Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8_0\

O1 HOSTS File: ([2015/03/07 18:03:34 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\TEXTware\QUICKfind\PlugIns\IEHelp.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HPCam_Menu] C:\Program Files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-659952617-10003028-4047496890-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-659952617-10003028-4047496890-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73761AD9-449D-400B-9198-86ACE7722A1E}: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8078D6E-8156-41D7-A5C7-D7CFBF31E311}: DhcpNameServer = 213.46.172.36 213.46.172.37
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\Windows\System32\DeviceNP.dll (Hewlett-Packard Limited)
O24 - Desktop WallPaper: C:\Users\Alesh\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta programu Windows Fotogaléria.jpg
O24 - Desktop BackupWallPaper: C:\Users\Alesh\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta programu Windows Fotogaléria.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

alesheek · #23 Příspěvek od **alesheek** » 07 bře 2015 23:09

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015/03/07 21:08:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alesh\Desktop\OTL.exe
[2015/03/07 18:10:41 | 000,000,000 | ---D | C] -- C:\Users\Alesh\AppData\Local\temp
[2015/03/07 18:03:50 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2015/03/07 11:02:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2015/03/07 11:02:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2015/03/07 11:02:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2015/03/07 11:02:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2015/03/07 11:02:06 | 000,000,000 | R--D | C] -- C:\Users\Alesh\Videos
[2015/03/07 11:01:37 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2015/03/07 10:57:20 | 005,612,482 | R--- | C] (Swearware) -- C:\Users\Alesh\Desktop\ComboFix.exe
[2015/03/04 22:40:46 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2015/03/03 22:10:52 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2015/03/03 20:35:34 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2015/03/03 08:06:03 | 000,000,000 | R--D | C] -- C:\Users\Alesh\Music
[2015/03/01 09:24:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2015/03/01 09:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2015/03/01 09:20:53 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2015/03/01 09:10:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/03/01 09:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/02/27 22:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015/02/14 13:31:23 | 002,063,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015/02/14 13:01:44 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/02/14 13:01:44 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/02/14 13:01:32 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/02/14 13:01:31 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/02/14 13:01:30 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/02/14 13:01:29 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2015/02/14 13:01:27 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015/02/14 13:01:25 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/02/14 13:01:23 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2015/02/14 13:01:23 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/02/14 13:01:22 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2015/02/14 13:01:22 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2015/02/14 13:01:20 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015/02/14 13:01:20 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015/02/14 13:01:20 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2015/02/14 13:01:20 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2015/02/14 13:01:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/02/14 13:01:19 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2015/02/14 13:01:18 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015/02/14 13:01:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2015/02/14 13:01:17 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[4 C:\Users\Alesh\Desktop\*.tmp files -> C:\Users\Alesh\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/03/07 21:17:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/03/07 21:08:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alesh\Desktop\OTL.exe
[2015/03/07 20:01:54 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015/03/07 20:01:54 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015/03/07 18:03:34 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2015/03/07 18:01:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/03/07 18:01:48 | 3183,755,264 | -HS- | M] () -- C:\hiberfil.sys
[2015/03/07 18:00:36 | 000,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2015/03/07 10:57:33 | 005,612,482 | R--- | M] (Swearware) -- C:\Users\Alesh\Desktop\ComboFix.exe
[2015/03/07 10:23:27 | 000,658,070 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/03/07 10:23:27 | 000,130,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/03/03 20:33:52 | 004,311,354 | ---- | M] () -- C:\Users\Alesh\Desktop\zoek.rar
[2015/02/28 14:05:45 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/02/27 08:40:58 | 000,000,680 | ---- | M] () -- C:\Users\Alesh\AppData\Local\d3d9caps.dat
[2015/02/24 03:23:36 | 000,246,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2015/02/14 13:51:16 | 000,428,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/02/13 00:50:10 | 001,440,116 | ---- | M] () -- C:\Users\Alesh\Desktop\zoek.scr
[2015/02/13 00:50:10 | 001,440,116 | ---- | M] () -- C:\Users\Alesh\Desktop\zoek.pif
[2015/02/13 00:50:10 | 001,440,116 | ---- | M] () -- C:\Users\Alesh\Desktop\zoek.com
[2015/02/06 09:52:12 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/02/06 09:52:12 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[4 C:\Users\Alesh\Desktop\*.tmp files -> C:\Users\Alesh\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/03/07 21:17:02 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/03/07 11:02:36 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2015/03/07 11:02:36 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2015/03/07 11:02:36 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2015/03/07 11:02:36 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2015/03/07 11:02:36 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2015/03/03 22:10:55 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2015/03/03 20:34:08 | 001,440,116 | ---- | C] () -- C:\Users\Alesh\Desktop\zoek.scr
[2015/03/03 20:34:08 | 001,440,116 | ---- | C] () -- C:\Users\Alesh\Desktop\zoek.pif
[2015/03/03 20:34:07 | 001,440,116 | ---- | C] () -- C:\Users\Alesh\Desktop\zoek.com
[2015/03/03 20:33:43 | 004,311,354 | ---- | C] () -- C:\Users\Alesh\Desktop\zoek.rar
[2014/11/22 15:37:56 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/09/27 09:26:25 | 000,004,096 | -H-- | C] () -- C:\Users\Alesh\AppData\Local\keyfile3.drm
[2014/05/24 16:42:42 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/01/31 18:30:46 | 000,088,656 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2013/06/26 06:33:50 | 000,000,680 | ---- | C] () -- C:\Users\Alesh\AppData\Local\d3d9caps.dat
[2013/06/02 16:55:21 | 000,206,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/06/02 16:55:21 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2011/08/19 21:21:10 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/08/01 11:33:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/07/19 21:25:01 | 000,000,093 | ---- | C] () -- C:\Users\Alesh\AppData\Local\fusioncache.dat
[2010/07/19 20:37:36 | 000,110,592 | ---- | C] () -- C:\Users\Alesh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 14:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/11/23 09:52:20 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\AVAST Software
[2015/01/06 08:31:06 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\BSplayer
[2010/07/19 21:15:20 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\BSplayer Pro
[2011/01/26 20:53:58 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\GHISLER
[2012/05/07 09:13:48 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\ICAClient
[2011/08/19 21:21:14 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\InterVideo
[2010/08/31 20:26:30 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Oxford
[2014/01/31 18:30:27 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\rmi
[2014/11/15 12:55:20 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\TuneUp Software

========== Purity Check ==========

========== Custom Scans ==========

< >
[2006/11/02 13:58:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006/11/02 13:58:10 | 000,032,554 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< >

< MD5 for: AGP440.SYS >
[2008/01/21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\erdnt\cache\AGP440.sys
[2008/01/21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\erdnt\cache\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/08/16 13:03:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=66A1A71D66C5235A31C16F30147E7AF6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_181d523c\atapi.sys
[2008/08/16 13:03:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=66A1A71D66C5235A31C16F30147E7AF6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22245_none_dd9b888d3ac35a04\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008/01/21 03:34:33 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008/01/21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\erdnt\cache\cngaudit.dll
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2013/10/03 14:16:48 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=165E9D93A84A7F55EBEEB1B554110680 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23235_none_78542a95b127239a\cryptsvc.dll
[2013/04/24 05:00:30 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=3EDE4C1F9672C972479201544969ADCB -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_77c6b0b4980cf0e4\cryptsvc.dll
[2013/04/17 13:30:06 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=58CEF2D243575512657452B9E89A2E1F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18827_none_77d7825c97ff6cfd\cryptsvc.dll
[2013/07/08 05:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\erdnt\cache\cryptsvc.dll
[2013/07/08 05:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\System32\cryptsvc.dll
[2013/07/08 05:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_7790a11898357c99\cryptsvc.dll
[2008/01/21 03:34:19 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2012/04/23 17:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=75C6A297E364014840B48ECCD7525E30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[2013/07/08 03:50:53 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=828805E2E7F529B24849AD52740288DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_783d888db13844fe\cryptsvc.dll
[2012/04/23 15:48:06 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=C979AEA8C4D8F875CD25507D08980006 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[2013/04/17 12:28:51 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=CC8E2C87016A07892B5448D764BF8A30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23097_none_781547d5b15603a0\cryptsvc.dll
[2012/06/02 12:09:26 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=DD9CCF40ED80DD0D62F1B607A1EA4449 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[2012/06/02 01:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=F1E8C34892336D33EDDCDFE44E474F64 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[2009/04/11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[2013/04/24 04:46:45 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=FBE051C07C3D2B9011ECB1C7A73120C1 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_7870974bb1126d44\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\erdnt\cache\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009/04/11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTOR.SYS >
[2008/12/04 21:48:52 | 000,407,064 | R--- | M] (Intel Corporation) MD5=8EACF469269FB1509561961A3188F670 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IASTOR.SYS
[2008/12/04 21:34:52 | 000,328,728 | R--- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IASTOR.SYS
[2008/12/04 21:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Windows\System32\drivers\iaStor.sys
[2008/12/04 21:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3f3bdbbf\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006/11/02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008/01/21 03:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008/01/21 03:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008/01/21 03:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008/01/21 03:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008/01/21 03:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/06/15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009/09/10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009/06/15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009/02/13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2012/06/01 23:37:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=613DEB66A91820F0A41915B40BB8833F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[2009/06/15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2014/10/11 00:21:41 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=86C519D59C70327434641E862A70B52B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23521_none_a8a5f069731e840f\lsass.exe
[2015/01/15 06:17:50 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A28A5386D01A5C6B085838624955EF3C -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23594_none_a85d41d3735493ab\lsass.exe
[2011/11/16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\erdnt\cache\lsass.exe
[2011/11/16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\System32\lsass.exe
[2011/11/16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[2011/11/16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[2011/11/16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.19214_none_a82a209c59f61a0b\lsass.exe
[2011/11/16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.19284_none_a7de71285a2edda2\lsass.exe
[2009/06/15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009/02/13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009/06/15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2014/12/03 01:23:58 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=C4AA089041242987308AE2A7B30E910A -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23555_none_a88981cd73333d3e\lsass.exe
[2009/06/15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009/09/09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009/09/10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008/01/21 03:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008/01/21 03:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008/01/21 03:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2011/11/16 14:57:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=EBFAEB786C46B407930811F94F08877D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[2009/02/13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\erdnt\cache\ndis.sys
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 03:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2008/02/08 05:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys
[2008/02/08 05:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\erdnt\cache\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 03:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008/01/21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008/01/21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008/01/21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/21 03:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\erdnt\cache\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2013/07/08 02:18:50 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=18CE0D0DCB7AF0D3E67ECF12BDE1382D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23154_none_ae7897262f9a96cf\smss.exe
[2013/03/09 02:16:53 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=44A40B18D9F6315D35F4539A41ECDE0D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23076_none_ae64f5fc2fa90438\smss.exe
[2008/01/21 03:33:22 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009/04/11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2013/05/02 02:27:42 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=AF2F8F104F119DD10AFA8B54A006F1B6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23103_none_aeada6782f72f1c3\smss.exe
[2013/03/09 02:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\System32\smss.exe
[2013/03/09 02:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18805_none_ae2630391653543e\smss.exe

< MD5 for: SVCHOST.EXE >
[2008/01/21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\erdnt\cache\svchost.exe
[2008/01/21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2014/11/21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe

< MD5 for: TCPIP.SYS >
[2008/04/26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2013/05/08 04:40:36 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=078218D74C4EFC2CE7E4C6DF22A94F2F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23106_none_b59411ab7ca4df04\tcpip.sys
[2009/04/11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011/09/20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009/08/15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011/06/17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012/03/30 13:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010/02/18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2013/01/04 12:28:19 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=3535CD93F944C00F098E73E12EE7FEB6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[2010/02/18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2013/05/08 05:37:21 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=548E198BAE21EFC21F8B5F0C1728AD27 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18835_none_b4e92aca63a0494d\tcpip.sys
[2010/06/16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011/06/17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010/06/16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2013/07/05 04:20:37 | 000,914,880 | ---- | M] (Microsoft Corporation) MD5=6D0D344F643E28B31262AC2682109A3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23152_none_b55a00e77cd1055d\tcpip.sys
[2013/01/04 12:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[2010/06/16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011/09/20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008/04/26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/08/14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2008/03/27 05:05:48 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=9081EBA4184E7EB87C55E18C089283A5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22144_none_b38070957fa0b5e0\tcpip.sys
[2010/02/18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2014/04/05 04:23:10 | 000,915,392 | ---- | M] (Microsoft Corporation) MD5=A4196D394207369E1431E8681B373312 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23370_none_b54264477ce304df\tcpip.sys
[2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2014/04/05 03:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\Windows\erdnt\cache\tcpip.sys
[2014/04/05 03:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\Windows\System32\drivers\tcpip.sys
[2014/04/05 03:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.19080_none_b4adf3c463cd86b8\tcpip.sys
[2013/07/05 05:53:33 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=D18D53974FD715D50FC76F9FFE1C830D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18880_none_b4ae19bc63cd564f\tcpip.sys
[2010/02/18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2012/03/30 13:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008/01/21 03:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008/01/21 03:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\erdnt\cache\userinit.exe
[2008/01/21 03:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014/11/21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\erdnt\cache\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008/01/21 03:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\erdnt\cache\ws2_32.dll
[2008/01/21 03:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008/01/21 03:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[43 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[9 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb\*.tmp -> ]
[693 C:\Windows\System32\spool\PRINTERS\*.tmp files -> C:\Windows\System32\spool\PRINTERS\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011/04/05 21:39:36 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Adobe
[2010/07/19 19:57:56 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\ATI
[2013/11/23 09:52:20 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\AVAST Software
[2015/01/06 08:31:06 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\BSplayer
[2010/07/19 21:15:20 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\BSplayer Pro
[2011/08/19 21:21:09 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Corel
[2012/06/14 17:09:46 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\DivX
[2011/01/26 20:53:58 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\GHISLER
[2010/07/19 21:31:57 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\GTek
[2011/09/12 18:10:06 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Hewlett-Packard
[2011/09/12 18:06:41 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Hewlett-Packard Company
[2014/11/15 13:23:45 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\hpqLog
[2014/11/22 15:48:03 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\HpUpdate
[2012/05/07 09:13:48 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\ICAClient
[2010/07/19 19:24:53 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Identities
[2010/07/19 19:28:54 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\InstallShield
[2011/08/19 21:21:14 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\InterVideo
[2012/07/15 17:21:04 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Macromedia
[2015/01/31 23:57:50 | 000,000,000 | --SD | M] -- C:\Users\Alesh\AppData\Roaming\Microsoft
[2015/02/25 20:32:13 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Mozilla
[2010/08/31 20:26:30 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Oxford
[2011/11/26 15:16:25 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Real
[2014/01/31 18:30:27 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\rmi
[2013/01/06 18:42:49 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Roxio
[2015/03/01 09:17:36 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Skype
[2011/07/25 20:30:04 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\skypePM
[2010/08/03 18:05:20 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Sony Corporation
[2014/11/15 12:55:20 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\TuneUp Software
[2011/08/31 19:21:56 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\U3
[2012/07/14 21:59:43 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\Winamp
[2012/05/29 20:00:40 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009/08/11 20:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Alesh\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009/08/11 20:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Alesh\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010/03/22 13:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Alesh\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012/10/11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Alesh\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010/08/14 09:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Alesh\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010/08/14 09:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Alesh\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010/08/14 09:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Alesh\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010/09/30 14:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Alesh\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2010/07/19 19:37:01 | 000,010,134 | R--- | M] () -- C:\Users\Alesh\AppData\Roaming\Microsoft\Installer\{4A961841-85E4-F441-8C99-17657E860243}\ARPPRODUCTICON.exe
[2014/01/31 18:30:31 | 004,699,456 | ---- | M] (Acro Software Inc. ) -- C:\Users\Alesh\AppData\Roaming\rmi\cutepdf-writer-3.0.exe
[2006/12/07 09:45:12 | 000,110,592 | ---- | M] () -- C:\Users\Alesh\AppData\Roaming\U3\temp\cleanup.exe
[2006/12/07 09:45:12 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Users\Alesh\AppData\Roaming\U3\temp\Launchpad Removal.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011/01/01 17:21:35 | 000,436,792 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008/01/21 04:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 04:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 04:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015/03/07 22:01:55 | 000,003,712 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015/03/07 22:01:55 | 000,003,712 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015/03/07 10:23:27 | 000,130,024 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2015/03/07 10:23:27 | 000,658,070 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2015/03/07 10:23:27 | 000,794,244 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015/03/07 21:17:02 | 000,000,512 | ---- | M] () MD5=5C62E019221DD8E20E6E0C2FA2220146 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014/12/17 16:45:09 | 000,072,480 | ---- | M] () -- \Program Files\Alwil Software\Avast5\aswWrcIELoader32.exe
[2006/10/26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2008/04/08 17:47:54 | 000,053,511 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Generic\Images\themeloader_default_chapter.jpg
[2008/04/08 17:47:54 | 000,053,511 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Generic\Images\themeloader_default_menu.jpg
[2008/04/18 00:29:48 | 000,007,307 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1025\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:29:48 | 000,007,270 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1028\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:29:50 | 000,007,610 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1029\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:29:52 | 000,007,281 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1030\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:29:54 | 000,007,323 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1031\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:29:56 | 000,007,778 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1032\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:29:56 | 000,007,283 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1033\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:29:58 | 000,007,410 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1035\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:00 | 000,007,262 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1036\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:02 | 000,007,307 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1037\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:04 | 000,007,409 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1038\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:04 | 000,007,305 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1040\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:06 | 000,007,846 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1041\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:08 | 000,007,427 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1042\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:10 | 000,007,400 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1043\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:10 | 000,007,329 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1044\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:12 | 000,007,397 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1045\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:14 | 000,007,525 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1046\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:16 | 000,007,914 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1049\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:16 | 000,007,290 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1053\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:18 | 000,007,474 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1055\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:20 | 000,007,227 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\2052\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:22 | 000,007,584 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\2070\Strings\RCMFormatLoaderStrings.xml
[2008/04/18 00:30:22 | 000,007,654 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\3082\Strings\RCMFormatLoaderStrings.xml
[2008/04/08 20:11:52 | 000,215,536 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFileLoader.dll
[2008/04/08 20:11:54 | 000,084,464 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderBMP.dll
[2008/04/08 20:11:56 | 000,072,176 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderECDC.dll
[2008/04/08 20:11:58 | 000,092,656 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderGIF.dll
[2008/04/08 20:12:00 | 000,207,344 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderJPG2.dll
[2008/04/08 20:13:14 | 000,072,176 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderMDC.dll
[2008/04/08 20:12:02 | 000,133,616 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderPNG.dll
[2008/04/08 20:12:04 | 000,104,944 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderTIFF.dll
[2008/04/08 20:12:42 | 000,154,096 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\LeResourceLoader.dll
[2009/03/10 16:39:28 | 000,056,416 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Webcam\Koan\pyloader.dll
[2013/07/29 01:37:30 | 000,194,384 | ---- | M] () -- \Program Files\HP\HP Deskjet 1510 series\Bin\HPPSDrDownloader.exe
[2009/10/06 05:08:30 | 000,145,082 | ---- | M] () -- \Program Files\HP\HP Deskjet 1510 series\Bin\HelpViewer\Resources\Loader.gif
[2008/08/01 04:08:22 | 000,141,808 | ---- | M] () -- \Program Files\Roxio\VideoCore 10\VOBLoader.ax
[2008/04/02 03:01:32 | 000,170,480 | ---- | M] () -- \Program Files\Roxio\VideoUI 10\DSThemeLoader.dll
[2008/04/02 03:01:50 | 000,113,136 | ---- | M] () -- \Program Files\Roxio\VideoUI 10\DVDFormatLoaderPlugIn.dll
[2008/04/02 02:26:34 | 000,053,511 | R--- | M] () -- \Program Files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_default_chapter.jpg
[2008/04/02 02:26:34 | 000,053,511 | R--- | M] () -- \Program Files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_default_menu.jpg
[2008/04/02 02:26:34 | 000,040,000 | R--- | M] () -- \Program Files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_hourglass.jpg
[2008/10/08 01:53:46 | 000,200,704 | ---- | M] () -- \SwSetup\HPQATTAgent\PROGRAM FILES\AT&T\SERVICE ACTIVATION\LOADER.DLL
[2008/10/08 01:53:50 | 000,196,608 | ---- | M] () -- \SwSetup\HPQATTAgent\PROGRAM FILES\AT&T\SERVICE ACTIVATION\NWTCDMALOADER.DLL
[2015/02/24 15:47:28 | 000,003,208 | ---- | M] () -- \Users\Alesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.11_0\skin\ajax-loader.gif
[2014/10/24 08:42:10 | 000,072,638 | ---- | M] () -- \Users\Alesh\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/10/24 08:42:10 | 000,003,032 | ---- | M] () -- \Users\Alesh\AppData\Local\Skype\Apps\login\images\loader.png
[2014/10/24 08:42:10 | 000,006,012 | ---- | M] () -- \Users\Alesh\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/10/24 08:42:10 | 000,021,956 | ---- | M] () -- \Users\Alesh\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/10/24 08:42:10 | 000,009,772 | ---- | M] () -- \Users\Alesh\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2012/10/21 14:09:05 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008/01/21 03:33:05 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008/01/21 03:36:41 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008/01/21 03:36:41 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winload.exe.mui_3bc5b827
[2008/01/21 03:36:41 | 000,019,456 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winresume.exe.mui_ff8b5358
[2010/07/24 16:06:24 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2010/07/24 16:06:24 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2010/07/24 16:06:24 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008/01/21 03:36:35 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 03:36:35 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008/02/29 08:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008/02/29 08:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008/02/29 11:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008/02/29 11:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008/02/29 11:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008/02/29 09:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008/02/29 11:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008/02/29 08:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008/02/29 08:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008/02/29 10:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008/02/29 11:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008/02/29 11:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008/02/29 08:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008/02/29 10:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008/01/21 03:30:37 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008/02/29 08:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008/02/29 08:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008/01/21 03:29:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008/02/29 09:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008/02/29 08:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009/04/10 23:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006/11/02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008/01/21 03:27:10 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 03:33:05 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008/01/21 03:33:05 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >
[2008/04/02 02:26:34 | 000,003,262 | R--- | M] () -- \Program Files\Roxio\VideoUI 10\Skins\Default\Generic\Images\Cursors\selectnode.cur

< *AutoKMS* /s >

< *activator* /s >
[2008/08/01 04:06:44 | 000,162,288 | ---- | M] () -- \Program Files\Roxio\VideoCore 10\CGActivator.dll

< *serial* /s >
[2014/05/13 22:17:02 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014/09/26 10:12:13 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014/07/09 23:14:57 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2008/10/08 01:53:52 | 000,143,360 | ---- | M] () -- \SwSetup\HPQATTAgent\PROGRAM FILES\AT&T\SERVICE ACTIVATION\RIM_SERIAL.DLL
[2008/10/08 01:53:52 | 000,167,936 | ---- | M] () -- \SwSetup\HPQATTAgent\PROGRAM FILES\AT&T\SERVICE ACTIVATION\RIM_SERIALV2.DLL
[2010/07/19 21:24:54 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/23 23:18:10 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/09 23:14:57 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/10/16 21:25:27 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\0c230d2ecb6492180563ea1811cae3d6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/10/16 21:25:57 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\0da6b8070bd799d25d8a0add408201e8\System.Runtime.Serialization.ni.dll
[2015/02/01 16:28:13 | 000,306,176 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a94049de665f1854ea5df1a857b2c68f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2015/02/01 16:28:13 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a94049de665f1854ea5df1a857b2c68f\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2015/02/01 16:29:24 | 002,855,424 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll
[2015/02/01 16:29:24 | 000,000,996 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll.aux
[2015/02/02 15:23:09 | 000,025,600 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\ad0261438ff8f46e093faa717226ebef\System.Xml.Serialization.ni.dll
[2015/02/02 15:23:09 | 000,000,284 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\ad0261438ff8f46e093faa717226ebef\System.Xml.Serialization.ni.dll.aux
[2014/04/12 00:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\65FC11932FE9AB9348A62CB73DDC6058\4.5.51209\System.Runtime.Serialization.dll.x86
[2014/04/12 00:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\65FC11932FE9AB9348A62CB73DDC6058\4.5.51209\System.Runtime.Serialization.dll_gac_x86
[2014/04/12 00:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014/04/11 23:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2014/04/11 23:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2014/04/11 23:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014/07/23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/04/11 23:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2014/04/11 23:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2004/07/15 13:31:54 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/23 23:18:10 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/09 23:14:57 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2014/04/12 00:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2014/04/11 23:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2014/04/11 23:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2014/04/11 23:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2014/04/11 23:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2014/04/11 23:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2008/01/21 03:33:23 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2006/11/02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2006/11/02 13:39:01 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\en-US\grserial.sys.mui
[2006/11/02 13:38:30 | 000,010,752 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2008/01/21 03:32:52 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006/11/02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006/11/02 08:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008/01/21 03:32:22 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006/11/02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006/11/02 09:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008/01/21 03:32:47 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2010/07/20 05:13:09 | 000,005,632 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2010/07/24 16:06:30 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2010/07/24 16:06:30 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2010/07/20 05:13:40 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_77c6875313d8fdd7_serialui.dll.mui_7d29d2a3
[2010/07/24 16:06:47 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006/11/02 13:33:16 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2008/01/21 03:29:58 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2009/04/10 23:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010/04/12 19:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2012/10/08 17:24:13 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c.manifest
[2014/07/01 23:20:17 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19134_none_d20164d3b885f0af.manifest
[2014/07/14 02:48:49 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19142_none_d20292adb884d6c4.manifest
[2010/04/12 20:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2012/10/08 16:03:48 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd.manifest
[2014/07/01 22:23:31 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23436_none_bb33903bd22d8499.manifest
[2014/07/14 01:50:45 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23445_none_bb34a74dd22c844f.manifest
[2006/11/02 13:37:38 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2010/04/12 18:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2012/10/08 17:20:22 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_en-us_bac5ddaf03806178.manifest
[2014/07/01 23:10:09 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_en-us_bac925a3037d5bdb.manifest
[2014/07/14 02:42:29 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19142_en-us_baca537d037c41f0.manifest
[2010/04/12 19:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2012/10/08 16:00:20 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_en-us_a3fc65831d23f3e9.manifest
[2014/07/01 22:17:43 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_en-us_a3fb510b1d24efc5.manifest
[2014/07/14 01:39:45 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23445_en-us_a3fc681d1d23ef7b.manifest
[2006/11/02 13:33:16 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2008/01/21 03:29:59 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2009/04/10 23:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010/04/12 19:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2012/10/08 17:23:59 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f.manifest
[2014/07/01 23:20:09 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19134_none_02449a6de02cf1e2.manifest
[2014/07/14 02:48:41 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19142_none_0245c847e02bd7f7.manifest
[2010/04/12 20:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2012/10/08 16:03:34 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0.manifest
[2014/07/01 22:23:24 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23436_none_eb76c5d5f9d485cc.manifest
[2014/07/14 01:50:38 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23445_none_eb77dce7f9d38582.manifest
[2006/11/02 11:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008/01/21 03:28:29 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009/04/10 23:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006/11/02 11:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006/11/02 13:33:16 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2008/01/21 03:29:52 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2009/04/10 23:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010/04/12 19:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2012/10/08 17:26:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1.manifest
[2014/07/01 23:21:17 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19134_none_071f463b21038c24.manifest
[2014/07/14 02:49:45 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19142_none_0720741521027239.manifest
[2010/04/12 20:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2012/10/08 16:05:32 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432.manifest
[2014/07/01 22:24:24 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23436_none_f05171a33aab200e.manifest
[2014/07/14 01:51:36 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23445_none_f05288b53aaa1fc4.manifest
[2006/10/20 02:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2008/01/21 03:33:26 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2009/03/30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/23 23:18:10 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.19134_none_47f18f01241f2064\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/23 23:18:07 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.23436_none_3123ba693dc6b44e\System.Runtime.Serialization.Formatters.Soap.dll
[2006/11/02 13:34:59 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2008/01/21 03:35:15 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2009/02/18 19:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010/04/12 13:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2012/10/08 12:01:09 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c\System.Runtime.Serialization.dll
[2014/06/26 23:17:19 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19134_none_d20164d3b885f0af\System.Runtime.Serialization.dll
[2014/07/09 23:14:57 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19142_none_d20292adb884d6c4\System.Runtime.Serialization.dll
[2010/04/12 13:22:49 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2012/10/08 11:59:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd\System.Runtime.Serialization.dll
[2014/06/20 23:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23436_none_bb33903bd22d8499\System.Runtime.Serialization.dll
[2014/07/10 23:16:50 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23445_none_bb34a74dd22c844f\System.Runtime.Serialization.dll
[2006/11/02 13:34:59 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2008/01/21 03:35:16 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2009/02/18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2012/10/08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f\System.Runtime.Serialization.dll
[2014/06/26 23:17:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19134_none_02449a6de02cf1e2\System.Runtime.Serialization.dll
[2014/07/09 23:14:57 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19142_none_0245c847e02bd7f7\System.Runtime.Serialization.dll
[2010/04/12 13:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2012/10/08 11:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0\System.Runtime.Serialization.dll
[2014/06/20 23:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23436_none_eb76c5d5f9d485cc\System.Runtime.Serialization.dll
[2014/07/10 23:16:50 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23445_none_eb77dce7f9d38582\System.Runtime.Serialization.dll
[2006/11/02 13:39:01 | 000,010,752 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_34b5f355d987afa1\serial.sys.mui
[2008/01/21 03:32:52 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2010/07/20 05:13:09 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_77c6875313d8fdd7\serialui.dll.mui
[2008/01/21 03:33:23 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008/01/21 03:33:23 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2006/11/02 13:38:30 | 000,010,752 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_05d5abe6364bafaf\serial.sys.mui
[2008/01/21 03:32:22 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2006/11/02 13:39:01 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_f75d56acd8933ebf\grserial.sys.mui
[2008/01/21 03:32:47 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006/11/02 13:34:58 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2008/01/21 03:35:12 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2009/02/18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2012/10/08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1\System.Runtime.Serialization.dll
[2014/06/26 23:17:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19134_none_071f463b21038c24\System.Runtime.Serialization.dll
[2014/07/09 23:14:57 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19142_none_0720741521027239\System.Runtime.Serialization.dll
[2010/04/12 13:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll
[2012/10/08 11:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432\System.Runtime.Serialization.dll
[2014/06/20 23:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23436_none_f05171a33aab200e\System.Runtime.Serialization.dll
[2014/07/10 23:16:50 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23445_none_f05288b53aaa1fc4\System.Runtime.Serialization.dll
[2012/06/14 17:10:30 | 000,000,000 | ---- | M] () -- \zoek_backup\C_Users_Alesh_AppData_LocalLow_boost_interprocess\DDM0serviceCmdSerializeLock

< *w7lxe* /s >

< End of report >

alesheek · #24 Příspěvek od **alesheek** » 07 bře 2015 23:10

OTL Extras logfile created on: 7. 3. 2015 21:11:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alesh\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19600)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,96 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 52,05% Memory free
6,14 Gb Paging File | 4,75 Gb Available in Paging File | 77,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 165,76 Gb Total Space | 109,68 Gb Free Space | 66,17% Space Free | Partition Type: NTFS
Drive D: | 300,00 Gb Total Space | 253,14 Gb Free Space | 84,38% Space Free | Partition Type: NTFS

Computer Name: ALESHEEK | User Name: Alesh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-659952617-10003028-4047496890-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{26CB0FB9-1B9B-43E5-9E3F-D1272B6FC698}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{2C1EBA3E-1081-400C-92AA-FD952485CF5E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2D410C5F-E18F-451F-B0A0-68647CFD9F55}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{45F8BE96-2E60-407B-A1B5-187EA7844A2C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5ED3D36B-3BA8-4116-8648-C68785537F57}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{76E369B2-8985-44C6-A05D-13F9F4E2F89A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{850C3C14-2DB5-41C7-A30E-8FFD73A43DA9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8D1DF5BA-9E20-4AA4-B78A-B172C621EC81}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AED64F56-32BB-4434-B4E4-C46B6139328D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2AB4FCBB-D952-47F8-B093-54911F4114E5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2C757CCB-F163-4FB6-8C74-29B56E2E3DFC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{59AD81EA-3EF5-4334-A85D-BB38D4ECF707}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6B14CF2C-9361-49F7-A016-35685B418436}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7415204E-ACE0-40E8-B603-C0DEF806C23B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9DC1CFBF-BD49-483C-90D0-D0D7643C09F4}" = dir=in | app=c:\program files\hp\hp deskjet 1510 series\bin\usbsetup.exe |
"{CE41E999-3648-4858-985C-7915CBCA3414}" = dir=in | app=c:\program files\hp\hp deskjet 1510 series\bin\hpnetworkcommunicatorcom.exe |
"{FEE1510C-E38D-4DD4-9328-DC7C8397E4A9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{16A793A0-3C0F-4B64-AF95-D898E1C2EC04}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{285941BB-F566-4201-9CA1-AD1E9FD530D4}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{5231DCB9-513B-4D25-A7C5-ED375829F96D}C:\users\alesh\appdata\local\virtualstore\program files\common files\click2learn\tbsystem\tbload.bak" = protocol=6 | dir=in | app=c:\users\alesh\appdata\local\virtualstore\program files\common files\click2learn\tbsystem\tbload.bak |
"TCP Query User{5CB1B1B0-7D5F-490D-92C3-C5A2843E834C}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{E2E9A909-7D3A-486D-80B6-6DFA76D0FE27}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{FA3F584B-2A54-4E33-9AA9-0F35F8059C2A}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{10CF8576-0F3B-4E67-BDAB-9DEC23BB1C8B}C:\users\alesh\appdata\local\virtualstore\program files\common files\click2learn\tbsystem\tbload.bak" = protocol=17 | dir=in | app=c:\users\alesh\appdata\local\virtualstore\program files\common files\click2learn\tbsystem\tbload.bak |
"UDP Query User{4901D8F5-CAA2-4A05-9895-58B2E328C238}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{53387C41-B64D-46AE-B931-5CECF0B1A5DE}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{5CB89E35-329B-46E7-AB4D-0C66CD00DA96}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{838EB88F-80F9-44BF-A52E-5E2F80BF6ED6}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{D1514F11-9382-4795-B802-4EDFEBF9C107}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library
"{04818D16-E946-550C-CA5B-5FB3B25CC9D2}" = CCC Help Czech
"{0845D004-320A-6B28-B8AD-BC147D50271E}" = CCC Help Korean
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0AE73E05-FD6F-417F-B828-82F13307AEEC}" = Catalyst Control Center - Branding
"{10EF53B4-44A3-1428-F051-4689307F27ED}" = CCC Help Russian
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{132F255E-FBE9-2E72-10A5-9DF35B45CEEF}" = ATI Catalyst Install Manager
"{1AB28342-A6C5-8B7A-2A92-BA2ED2A1E722}" = CCC Help Thai
"{1ACC4560-E7BE-2CCD-555B-C9C39F8940F8}" = CCC Help Dutch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 45
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{2928BCFA-AA18-C897-EF98-96DDB81B4CA5}" = CCC Help Polish
"{2BDB9DE0-6199-EEA2-81D1-93F1886DD3CB}" = CCC Help Hungarian
"{2CC3B536-0F86-1C4C-9C6E-4524252C343D}" = CCC Help Italian
"{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}" = HP Deskjet 1510 series Help
"{2E2A8A44-39EE-5EE3-6A9D-EAF9BC20B44E}" = CCC Help Chinese Standard
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{31030E4E-8532-4A22-B615-9F7A48F69C36}" = Catalyst Control Center - Branding
"{3266D4DE-9CD0-48AC-9B2D-1D4879DB440F}" = Catalyst Control Center - Branding
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3685016F-4277-5680-1990-2521EF3D3801}" = Catalyst Control Center Graphics Full New
"{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3A5C2134-6755-F59A-91EC-4A2EFEB2EAF4}" = Skins
"{43975334-1732-7072-DF06-008794BED1C4}" = CCC Help Japanese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A961841-85E4-F441-8C99-17657E860243}" = Catalyst Control Center InstallProxy
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5BF5D619-4D1D-4E2B-890D-DA0B6DFF8D4C}" = Advanced Language Practice CD-ROM
"{5CFA95BC-52A5-6F32-05E4-0F9FCA83F9F0}" = CCC Help French
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61268BF7-3EC8-4CDC-922B-C8F718A0D46F}" = HP Deskjet 1510 series Basic Device Software
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6C36881B-0E51-4231-9D02-BF2149664D34}" = Google Drive
"{7045D1BB-4BE9-49A5-8B7B-3DCFD443A13D}" = ESU for Microsoft Vista SP1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{83DBD41D-ADDF-7C18-98D8-B9232221CDE1}" = ccc-core-static
"{88F09FD2-0C32-A0E0-02DA-66731126032E}" = ccc-utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{902EC7BE-C623-11F3-0B20-A6A1D01A0F99}" = CCC Help Danish
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9505A2A4-2478-CAE8-3860-705A689A50E9}" = Catalyst Control Center Graphics Previews Vista
"{99B39D40-5EA1-440C-BA46-5DE3FA6E8388}" = Catalyst Control Center - Branding
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A70634D4-6C97-6F3D-B1D1-6CD01AAB15A2}" = CCC Help Chinese Traditional
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC0AA40D-8899-449C-A059-548C8AC5FB6D}" = HP User Guides 0136
"{AC54964A-0886-FFBB-DA5A-21B47BEDD8D9}" = CCC Help Portuguese
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.13) - Czech
"{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}" = ZTE Drivers
"{AE8B9EED-2083-3830-6BAF-D8FF87EFBD2B}" = Catalyst Control Center Localization All
"{B1259862-9EBF-C8E2-2092-160135C71549}" = CCC Help Swedish
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BA69296C-0910-D3B1-70C9-23BFF0C31D90}" = Catalyst Control Center Graphics Full Existing
"{BB662A7E-DFF6-47C9-BBD2-430079EA8E74}" = BIOS Configuration for HP ProtectTools
"{C299012A-DB39-4E9D-B360-75F83A7D5252}" = Catalyst Control Center - Branding
"{C4E73218-0B91-12D8-DB06-AE69B985EA55}" = CCC Help Finnish
"{C6FF0A11-1F6C-C902-2644-4FDE8BC45A91}" = CCC Help German
"{CA17EC26-F3D1-2084-D747-A33065D2257E}" = CCC Help Spanish
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB7B419E-7ED5-76E0-8437-DEEFA7D45602}" = CCC Help Turkish
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{D142866A-0DDB-A0D7-CEC3-B2F4D79345CA}" = CCC Help Norwegian
"{D4E1CDA6-A176-B7BB-D0E6-206A2C3F0867}" = CCC Help English
"{D5F25F29-5A2A-4222-A7B2-C70D72ED600F}" = HP 3D DriveGuard
"{D8A0E646-F4C7-7AF4-1768-A3090F85CDB1}" = CCC Help Greek
"{DA8D7893-2E3A-4E49-7F6B-60DB4E33528F}" = Catalyst Control Center Core Implementation
"{E40CE35C-27F5-4EBF-82F9-13238BCA3572}" = HP Wireless Assistant
"{E5C92A83-6EFF-4162-841A-3EC4736A4334}" = Vista Default Settings
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F639E2A2-FE6B-4527-B8BE-C1C423B81844}" = HP Webcam
"{FB091F2E-3B92-1658-6303-9924097B58D6}" = Catalyst Control Center Graphics Light
"7-Zip" = 7-Zip 9.15 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"avast" = Avast Free Antivirus
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 3.0
"Defraggler" = Defraggler
"DivX Setup" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"InstallShield_{F639E2A2-FE6B-4527-B8BE-C1C423B81844}" = HP Webcam
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.8.0 (Full)
"Lexicon 4.0" = Lingea Lexicon 2002
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 2.0.4.1028
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"Oxford Advanced Genie" = Oxford Advanced Genie
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-659952617-10003028-4047496890-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ OSession Events ]
Error - 6. 12. 2012 16:01:35 | Computer Name = Alesheek | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7. 3. 2015 12:42:57 | Computer Name = Alesheek | Source = Service Control Manager | ID = 7034
Description =

Error - 7. 3. 2015 12:42:57 | Computer Name = Alesheek | Source = Service Control Manager | ID = 7034
Description =

Error - 7. 3. 2015 12:42:57 | Computer Name = Alesheek | Source = Service Control Manager | ID = 7031
Description =

Error - 7. 3. 2015 12:43:00 | Computer Name = Alesheek | Source = Service Control Manager | ID = 7031
Description =

Error - 7. 3. 2015 12:50:46 | Computer Name = Alesheek | Source = Service Control Manager | ID = 7030
Description =

Error - 7. 3. 2015 13:00:28 | Computer Name = Alesheek | Source = Service Control Manager | ID = 7030
Description =

Error - 7. 3. 2015 13:00:33 | Computer Name = Alesheek | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description =

Error - 7. 3. 2015 13:00:37 | Computer Name = Alesheek | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description =

Error - 7. 3. 2015 13:00:37 | Computer Name = Alesheek | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description =

Error - 7. 3. 2015 13:06:18 | Computer Name = Alesheek | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

< End of report >

#25 Příspěvek od **Márty84** » 08 bře 2015 09:40

Jeste dejte aktualni log z RSIT

alesheek · #26 Příspěvek od **alesheek** » 08 bře 2015 12:21

Logfile of random's system information tool 1.10 (written by random/random)
Run by Alesh at 2015-03-08 12:20:21
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 111 GB (65%) free of 170 GB
Total RAM: 3035 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:20:35, on 8. 3. 2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19600)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Alesh\Desktop\RSIT.exe
C:\Program Files\trend micro\Alesh.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HPCam_Menu] "C:\Program Files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\HP Webcam" UpdateWithCreateOnce "Software\CyberLink\HP Webcam\1.0"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

--
End of file - 7034 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2015-01-04 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-12-17 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll [2001-08-10 388608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-04 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-12-17 186904]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-02-18 177720]
"HPCam_Menu"=C:\Program Files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-27 5227112]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-12-11 1310720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Alesh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 1510 series.lnk]
C:\Windows\system32\RunDll32.exe [2006-11-02 44544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\Windows\system32\DeviceNP.dll [2008-08-06 69632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.DIVX"=DivX.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-03-08 12:20:21 ----D---- C:\rsit
2015-03-07 18:10:36 ----A---- C:\ComboFix.txt
2015-03-07 18:03:50 ----D---- C:\$RECYCLE.BIN
2015-03-07 11:02:36 ----A---- C:\Windows\zip.exe
2015-03-07 11:02:36 ----A---- C:\Windows\SWSC.exe
2015-03-07 11:02:36 ----A---- C:\Windows\SWREG.exe
2015-03-07 11:02:36 ----A---- C:\Windows\sed.exe
2015-03-07 11:02:36 ----A---- C:\Windows\PEV.exe
2015-03-07 11:02:36 ----A---- C:\Windows\NIRCMD.exe
2015-03-07 11:02:36 ----A---- C:\Windows\MBR.exe
2015-03-07 11:02:36 ----A---- C:\Windows\grep.exe
2015-03-07 11:02:17 ----D---- C:\Qoobox
2015-03-07 11:01:37 ----D---- C:\Windows\erdnt
2015-03-04 22:40:46 ----D---- C:\Config.Msi
2015-03-03 22:10:55 ----A---- C:\Windows\zoek-delete.exe
2015-03-03 22:10:52 ----D---- C:\Windows\Temp
2015-03-03 20:35:34 ----D---- C:\zoek_backup
2015-03-01 09:24:29 ----D---- C:\Program Files\Defraggler
2015-03-01 09:20:53 ----D---- C:\Windows\pss
2015-03-01 09:10:08 ----D---- C:\Program Files\CCleaner
2015-03-01 09:06:31 ----A---- C:\DelFix.txt
2015-02-28 16:47:57 ----A---- C:\aa.txt
2015-02-27 22:34:17 ----D---- C:\Program Files\trend micro
2015-02-14 13:32:57 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-14 13:31:23 ----A---- C:\Windows\system32\win32k.sys
2015-02-14 13:29:36 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-14 13:23:32 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-14 13:22:24 ----A---- C:\Windows\system32\scesrv.dll
2015-02-14 13:01:44 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-14 13:01:44 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-14 13:01:39 ----A---- C:\Windows\system32\mshtml.dll
2015-02-14 13:01:37 ----A---- C:\Windows\system32\ieframe.dll
2015-02-14 13:01:33 ----A---- C:\Windows\system32\urlmon.dll
2015-02-14 13:01:32 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-14 13:01:31 ----A---- C:\Windows\system32\vbscript.dll
2015-02-14 13:01:30 ----A---- C:\Windows\system32\wininet.dll
2015-02-14 13:01:29 ----A---- C:\Windows\system32\mstime.dll
2015-02-14 13:01:29 ----A---- C:\Windows\system32\iertutil.dll
2015-02-14 13:01:27 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-14 13:01:25 ----A---- C:\Windows\system32\ieui.dll
2015-02-14 13:01:24 ----A---- C:\Windows\system32\occache.dll
2015-02-14 13:01:23 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-14 13:01:23 ----A---- C:\Windows\system32\iepeers.dll
2015-02-14 13:01:22 ----A---- C:\Windows\system32\url.dll
2015-02-14 13:01:22 ----A---- C:\Windows\system32\iesysprep.dll
2015-02-14 13:01:21 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-14 13:01:20 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-02-14 13:01:20 ----A---- C:\Windows\system32\licmgr10.dll
2015-02-14 13:01:20 ----A---- C:\Windows\system32\iesetup.dll
2015-02-14 13:01:20 ----A---- C:\Windows\system32\iernonce.dll
2015-02-14 13:01:19 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-14 13:01:19 ----A---- C:\Windows\system32\corpol.dll
2015-02-14 13:01:18 ----A---- C:\Windows\system32\msfeedssync.exe
2015-02-14 13:01:18 ----A---- C:\Windows\system32\ie4uinit.exe

======List of files/folders modified in the last 1 month======

2015-03-08 12:20:35 ----D---- C:\Windows\Prefetch
2015-03-08 11:37:32 ----SHD---- C:\System Volume Information
2015-03-07 18:10:45 ----D---- C:\Windows\system32\drivers
2015-03-07 18:04:03 ----D---- C:\Windows
2015-03-07 18:04:03 ----A---- C:\Windows\system.ini
2015-03-07 18:03:34 ----D---- C:\Windows\system32\drivers\etc
2015-03-07 17:51:15 ----D---- C:\Windows\System32
2015-03-07 17:51:15 ----D---- C:\Windows\AppPatch
2015-03-07 17:51:09 ----D---- C:\Program Files\Common Files
2015-03-07 11:21:02 ----D---- C:\ProgramData
2015-03-07 10:23:27 ----D---- C:\Windows\inf
2015-03-07 10:23:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-04 22:41:29 ----SHD---- C:\Windows\Installer
2015-03-03 21:55:57 ----D---- C:\Windows\system32\Tasks
2015-03-03 20:48:51 ----D---- C:\Program Files
2015-03-01 09:17:36 ----D---- C:\Users\Alesh\AppData\Roaming\Skype
2015-03-01 09:17:33 ----D---- C:\Windows\Panther
2015-03-01 09:17:33 ----D---- C:\Windows\ModemLogs
2015-03-01 09:17:32 ----D---- C:\Windows\Minidump
2015-03-01 09:17:32 ----D---- C:\Windows\Logs
2015-03-01 09:17:32 ----D---- C:\Windows\Debug
2015-02-28 19:07:07 ----D---- C:\Windows\Tasks
2015-02-25 20:32:13 ----D---- C:\Users\Alesh\AppData\Roaming\Mozilla
2015-02-25 20:23:28 ----D---- C:\Program Files\Mozilla Firefox
2015-02-24 03:23:36 ----N---- C:\Windows\system32\MpSigStub.exe
2015-02-22 09:14:15 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-02-14 14:01:10 ----D---- C:\ProgramData\TuneUp Software
2015-02-14 14:00:00 ----D---- C:\Program Files\TuneUp Utilities 2013
2015-02-14 13:47:39 ----D---- C:\Windows\system32\migration
2015-02-14 13:47:39 ----D---- C:\Program Files\Internet Explorer
2015-02-14 13:33:14 ----D---- C:\Windows\winsxs
2015-02-14 13:33:11 ----D---- C:\Windows\system32\catroot
2015-02-14 13:32:55 ----D---- C:\ProgramData\Microsoft Help
2015-02-14 13:24:15 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-17 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-17 206248]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-12-04 328728]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-11-29 45648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-01-01 436792]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-03-07 24408]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2014-12-17 55240]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-17 787800]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-17 423784]
R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2014-12-17 57928]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-17 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-17 70384]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-01-17 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-11-21 1204128]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-02-19 95760]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-02-03 4303360]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2014-06-23 2709056]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-03-11 109608]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-03-26 1765168]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-11-24 310272]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv.sys [2008-08-06 32256]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 9216]
S3 mbr;mbr; \??\C:\Users\Alesh\AppData\Local\Temp\mbr.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2010-03-02 105856]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2010-03-02 105856]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2010-03-02 105856]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2008-08-26 14336]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-02-03 729088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-12-17 50344]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-12-04 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-12-17 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-12-04 222512]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; C:\Windows\system32\flcdlock.exe [2008-08-06 349432]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-21 228656]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 RoxMediaDB10;RoxMediaDB10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
S4 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]

-----------------EOF-----------------

#27 Příspěvek od **Márty84** » 08 bře 2015 16:08

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-659952617-10003028-4047496890-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - prefs.js..browser.search.isUS: false
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
[4 C:\Users\Alesh\Desktop\*.tmp files -> C:\Users\Alesh\Desktop\*.tmp -> ]
[2014/11/15 12:55:20 | 000,000,000 | ---D | M] -- C:\Users\Alesh\AppData\Roaming\TuneUp Software
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[43 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[9 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb\*.tmp -> ]
[693 C:\Windows\System32\spool\PRINTERS\*.tmp files -> C:\Windows\System32\spool\PRINTERS\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

alesheek · #28 Příspěvek od **alesheek** » 11 bře 2015 12:01

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Alesh
->Temp folder emptied: 5707409 bytes
->Temporary Internet Files folder emptied: 622863 bytes
->Java cache emptied: 8196 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 411175108 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 398,00 mb

[EMPTYFLASH]

User: Alesh
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-659952617-10003028-4047496890-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: false removed from browser.search.isUS
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
C:\Users\Alesh\Desktop\~WRL0002.tmp deleted successfully.
C:\Users\Alesh\Desktop\~WRL0149.tmp deleted successfully.
C:\Users\Alesh\Desktop\~WRL2569.tmp deleted successfully.
C:\Users\Alesh\Desktop\~WRL3254.tmp deleted successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Cache folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\BootScreens\Cache folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\BootScreens folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TuneUp Utilities\StartUp Manager folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TuneUp Utilities\Speed Optimizer folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TuneUp Utilities\Program Statistics folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TuneUp Utilities\Disk Space Explorer folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TuneUp Utilities\Dashboard folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TuneUp Utilities\Backups folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TuneUp Utilities folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2013\TuningIndex folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2013\StartUp Manager\Disabled objects folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2013\StartUp Manager folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2013\Speed Optimizer folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2013\Disk Space Explorer folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2013\Dashboard folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2013\Backups folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2013 folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2012\TuningIndex folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2012\StartUp Manager folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2012\Speed Optimizer folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2012\Disk Space Explorer folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2012\Dashboard folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2012\Backups folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software\TU2012 folder moved successfully.
C:\Users\Alesh\AppData\Roaming\TuneUp Software folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2EBD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP45D5.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP55CC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP648C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6F41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8C90.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9AF7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9B0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA5B0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB0D7.tmp folder deleted successfully.
C:\Windows\Installer\MSI11B8.tmp deleted successfully.
C:\Windows\Installer\MSI1DC2.tmp deleted successfully.
C:\Windows\Installer\MSI2228.tmp deleted successfully.
C:\Windows\Installer\MSI2352.tmp deleted successfully.
C:\Windows\Installer\MSI2778.tmp deleted successfully.
C:\Windows\Installer\MSI29D2.tmp deleted successfully.
C:\Windows\Installer\MSI2E29.tmp deleted successfully.
C:\Windows\Installer\MSI342.tmp deleted successfully.
C:\Windows\Installer\MSI355A.tmp deleted successfully.
C:\Windows\Installer\MSI3CF9.tmp deleted successfully.
C:\Windows\Installer\MSI425B.tmp deleted successfully.
C:\Windows\Installer\MSI4312.tmp deleted successfully.
C:\Windows\Installer\MSI43D9.tmp deleted successfully.
C:\Windows\Installer\MSI468.tmp deleted successfully.
C:\Windows\Installer\MSI487F.tmp deleted successfully.
C:\Windows\Installer\MSI4C68.tmp deleted successfully.
C:\Windows\Installer\MSI4D02.tmp deleted successfully.
C:\Windows\Installer\MSI4E28.tmp deleted successfully.
C:\Windows\Installer\MSI4F6D.tmp deleted successfully.
C:\Windows\Installer\MSI60DE.tmp deleted successfully.
C:\Windows\Installer\MSI620.tmp deleted successfully.
C:\Windows\Installer\MSI68AC.tmp deleted successfully.
C:\Windows\Installer\MSI6C35.tmp deleted successfully.
C:\Windows\Installer\MSI6F22.tmp deleted successfully.
C:\Windows\Installer\MSI727D.tmp deleted successfully.
C:\Windows\Installer\MSI922A.tmp deleted successfully.
C:\Windows\Installer\MSI9F64.tmp deleted successfully.
C:\Windows\Installer\MSIAA6D.tmp deleted successfully.
C:\Windows\Installer\MSIAB96.tmp deleted successfully.
C:\Windows\Installer\MSIAD1D.tmp deleted successfully.
C:\Windows\Installer\MSIAED3.tmp deleted successfully.
C:\Windows\Installer\MSIB582.tmp deleted successfully.
C:\Windows\Installer\MSIBEB2.tmp deleted successfully.
C:\Windows\Installer\MSIC03B.tmp deleted successfully.
C:\Windows\Installer\MSIC18F.tmp deleted successfully.
C:\Windows\Installer\MSIC22C.tmp deleted successfully.
C:\Windows\Installer\MSIC73C.tmp deleted successfully.
C:\Windows\Installer\MSICE00.tmp deleted successfully.
C:\Windows\Installer\MSIDA6.tmp deleted successfully.
C:\Windows\Installer\MSIDA80.tmp deleted successfully.
C:\Windows\Installer\MSIEC17.tmp deleted successfully.
C:\Windows\Installer\MSIFC8C.tmp deleted successfully.
C:\Windows\Installer\MSIFF3B.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets15A4D557-4E43-447A-AEB9-12B81832595C.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets3E6346D8-5B17-496D-9A88-47011DFFAA29.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets423F7549-A468-44BB-BE22-A802DCC42E22.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets45D73E18-64DC-403A-A608-C63D94EA3486.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets4C439CDC-ECF5-44D8-92F8-CDA4A642EBBB.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets64F5E539-25D3-43E4-B942-ADC87DA01E43.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets871AE8A8-B7FB-4215-98C8-89FD100DE72C.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets9E7662D9-3852-4E63-A6F2-733F38D0A143.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsB3E5445B-4637-4616-9E08-5DB9C5951EBD.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsB8883036-8AA2-4E08-9777-5F3DB614933F.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsBACD7479-3BE6-4A7A-B418-375A2AFBECB9.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsCBFE24EB-6A5A-414D-85F8-634F4E35DC11.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsD1B9D77C-A15E-4A4D-AEBD-3977B9DF9CFA.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsD4DED17A-09C0-4C45-95E3-0E45F04F8A71.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsDA37CDEB-6705-4012-BF0A-B2AD408D1132.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsDD10E199-A1AE-4EB7-899A-B9B12FD8DA92.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsE4B64157-E951-4E07-B6D8-8755E477E6EB.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsE50488E4-4171-44D5-B285-56088F8DC33F.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsE72E049E-1FF4-446D-B339-95F495BC13E4.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsF06B33FA-2C02-4A16-BE9B-189CE2E09839.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsF7443F3B-74EC-4C34-9AA0-BDEA1363E9CD.tmp deleted successfully.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb\component.man scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb\inf3086.PNF scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb\inf3086.tmp scheduled to be deleted on reboot.
Folder delete failed. C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb\inf3086.tmp scheduled to be deleted on reboot.
C:\Windows\System32\spool\PRINTERS\PP000li6fzxps8o7dm9fg3uz7s.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP00d5obuv8of_odje3jw8zz80c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP00lkb0a67o018g_64jxayzykc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP03v73s7pz6kwfdgbku2e0jwt.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP04qv0y_m7idhm2elf9biti1td.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP05csodrdpt4ub6a01ifdgjyid.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP05i60t82mjsg40u5z20ud8zi.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP05knuqwm3xu5fvm9exbuneb6c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP05tdgdred7jsyafvc73y07vhc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP05u4d8n0fve8pmdtkoh8pr_ec.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP071_b037x17u5ijhaur_0j80d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP07n56m5szthq4anghiotvwf8c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP090qii6lbm0ra4kltcblaucib.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP09x4u9kru4wo5h190v_3rbrgd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0a7pbk5s6wpkej_opfp1v00bc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0aps_jk51vl3zwj8ybbglbkp.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0btokbnc9y4do1flyyrbuakae.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0cwupjpof8_0nkd8ullg34zsb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0eulzjudw0iqin_26h4oj5ri.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0fb0gzxod7l32e_s60157rcs.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0h3oswn0_6dkkghnt7zyvr0zb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0ibtt60qsutj1jy76j3iora2b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0kewqnt3_hbrhamche52szpjc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0kzm5qoewfqbic0xsxsmlipad.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0md86pskr_gvmwgj0ngvpb5ld.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0mikdsq_ntyav25inm0a9e61d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0na77s95a3o83q220o5d2303d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0nkmsj9fe3d8k4fsaqe58o6ab.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0o98uoiux1kyuu7e__uvnj37c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0pa70zwgf1yxxhef1oohk_drb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0pwb1qfzt506hnb1mspkzzbx.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0qvr0om_f2e0cr8_frew0sw6.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0ret0g9mofbyj5bf5jv5zp61c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0rmrlvb8jbklsskpan8_3ouvb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0rynv3o1kk9vum67jexrb3_qd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0si6nxjk9pblspzjbgvuo0m0.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0spv_snj2l08i871kfmu8m9eb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0tlou3v1selyzl0i6hos6sl2d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0ttuyxszc38b861070jdzvcqd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0u0o6y_9lcao03c1_hxnze4ob.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0xe_pwlxveqa8lb633g9_8pxc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0y3ua2vm907t1zj38z20d1s0b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0_2s4nl1qxblqwqbq6fqso0fd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0_f6l4llouoxifpms3y0mzlhd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP14qws6k39uchsoud9a2oz644c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP15khbl1goff1wgifc1g7d9v7d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP165ds1jmkejvxchdd3yfpxc9.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1b4k1aqal0vewqd4ao0espwq.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1ecxo9wvhah0kwkx200vtcvfb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1fe1r_hawzkc61bvnf0hc9yrc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1gh4rxhs040jujltmb1dx4ixb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1h9yigypvvywpm8vkblyml6zc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1i9mxms2aj320n2wqfze009rd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1kk1x60r2dfnfyn_swaqw3q_d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1ozdpjt68w8jkbav8w8om0iee.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1ps4y6_wegc9gpcs2ewyhi6qc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1qxv2trm7o_xkabj923h08x7c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1sgg26tkewd374_u3ha4zdpnc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1sjjs3iolkhaa93tyf5kxijbd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1we4xo1fng985p0qn0tftfpuc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1y9qyxxrdr_2fp79rd0x7n3pc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1ypzutag1oqsjta7znaqd0ykc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1z2o8_pfpftx8kcjxx0uzulxb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1_32j2l8tkkypjntdoaujizzd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP1_7hso0gc4y2achlc023p42r.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP21oyrw1xeqov1jigtld0k7kxd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP22c8m0cyxb1w5pe7rtb06tzpd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2553vpecf1fjd0seq40wyy1hb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP261_jeplm9j_r13h0lb6_4cr.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2b9m0kjwdx0_ol8ks29lgl0x.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2f9bs3jq2vac5ax6uaefr_ogd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2hny6rs5k4x1bt30x949tr90b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2ojnmi_d0h6w4s9mgv4i9w_ae.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2rjlpa2s1j8v2xa0lda880er.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2txez94qt8d78c6vqj4opby2.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2up97_t97ml2tj3xgx0e24b8c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2vvrfs3dga4bqfiz9julwb30d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP2x5xbstfokiv7cmukhswkdbbd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP31kount9y20_axcvt9d3kjalb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP37lito1ay4mvy6devljp8fof.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP37pnzktg2d5j8rmwemx0o3_m.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP383d08fhyctyn022hqsy5ebac.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP396_6r7ibnjwas53jgo4siaic.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3ag5kas1lsx0kpld9vzp0gz0b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3fb02h_hp9jemib0eexvbhmrb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3gtf9icevxy9nbc174ki1_qqd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3i6cza4s0fcysr7ym5b0p0vzb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3p_n87u9o4io_8fnz393q84ld.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3t5g0wp0o1qfe_8jw_1x6f75c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3wd7o1fch59ih8s40_i_j011d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP3zkculg67b87ukz2le__jc6bb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP41qisyjfkohgh8hiru0j5mc4d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP45h710musu9xt0lhg0ny054be.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP45hb__46ezc4xs_ppmeb29n0c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4ntf9hkeiubr4xjpnm1vdfzee.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4owu0m7u72miib3fu8fjo5pbc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4pbjc2b1457serbvr8ies2yfc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4pmaoszjywt8jzetcqwdegfn.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4p_mizfshh35jyrt3p47lb87b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4tgox6w7tq083905i8r79_2jd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4tvkq7yn98ddz8lverp05lnp.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4uvnwo49suzc4ywu7457ojb4d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4wdhg3knwvt0k20kx19rvlsgd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4ypj3cg0swu23lljxd_qgr8jc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP52vvj58qge0yo3xg1shyhb6vd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5ahbn20us8o55gk4myyh19zpd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5bgmo3cin7j8ubfvvag9k1m2c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5eky4rncvpn_j1ik_ov1z9yib.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5kvw35klbqn34zejohphcv3hc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5p867m7hfp9x93wcit3u7o3cb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5pj4pdprm7sqikdz9qbnokss.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5v0_ncc_j3mx4t600364xni1.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5xbge9b8_u0f1h50i3v0cwj3c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5_vsrk0706h6ill0_fd0x0uab.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP60smp2xiklzj2lqwzut8jboae.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP60wsud3h03e59mfoz_vcteyx.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP6317j_30e2e6zgrvlzxhb07ab.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP63giqjy9qot1qrk67dz3_31vc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP64v0i3t0sih1kb72wrk4y96ub.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP65099_tl9xh1ue_09_f44mc3c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP66hoxrahd5r9yr8qoz9g7b_c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP68w3wao40u0n2bppb_cqc93z.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP6b_19ojm1tx5cdbtkf_iry50.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP6e01wy4uyul_0v4iis3_5x4ec.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP6hokjiy6g_ivgifuqwbzs7bfc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP6hsr3kwcah8h187yfqupr2rp.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP6hzxxo05xpem9yukcql96b0_.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP6mwtq71fvqribwfdni8bay0mc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP6nb0pwi1al61gifwu7c1mo5b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP6vluvw4wrmrnn4g_z8_evtgyb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP6ym8uqa_5yie19ahq_4m07aub.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP70boyrzt0ee95z871_03a1yyc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP721fs1cj4ks2caah054860n4b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7464_fgpzsrhwf30nj7rvn4o.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP76vcwwyol6jvky4g_2k4ps8jc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP78cq6ayedzez05n5us40__5uc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7bkwgwuk7k_e509qqvihyxbmb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7f0xtx51qgij80viw78ve8sgb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7j6i7srypo4i0969wpwxdut5d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7k0efcux0ao_em3ptqhgzxhpc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7n9vvrg4v8e1s5silsep1lq2d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7na09pmenpkgm7miuiy4mwq6b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7qmp2wn0ty880155o2fkeponc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7tj_v8fligk0f3lf41e2fmvpc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7uoe7yln0vuk0k852enzihwx.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7vj2il41gm1oqqo7fud0dd7gb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7vn_m_3o1lj66wxsv4gwbjyid.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7wz020h4se16zcjx2aqweq_4d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP7yvxdxxaflvuw2r6e3ngm_9nc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8004qar640dy6tk0mwxy0bifd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8278y7jmfulyh1s9kd3yftkid.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP871ccy0p3ivtzzgzxmcb9cqzc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP88wehm38g7ou7o5n3aqk0qbtb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP890lkmauhmvd2dycijuvp6j6.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8a0m4mi09388h3q6wpr7_zdzc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8a6m5ds5v1d2s9emec6h9bp_b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8avynzjyl01741i2qnotb5gtb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8ayc94ud_vqon194eobtjbu5.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8c8itxyu5hng1c0_rfbxfibyc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8ek7hjw1iu9jes9j6mbqrfrmb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8ffbgb3_r40i_wg6arfk1rq8.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8mxs414ht7p_emjm5ep_v8h0.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8pesgx_p76o7354t49otlqgvd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8vn08cot2amdk16jn6sl4oae.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8wdna8vh2rx0wvb1o7fai3y3d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8wf3vb10xf89w5s4vvt7txpmb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP90b27l_fwrkis7m09zsh4uryd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP91nfpg0huq0ve20d4kavm8nsd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9534z0uw6_xpwahissa50758.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9541_yhegp1fa358ekg7eifhb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP97rgm__uevm_u0meg2nbfkide.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP98nlxc0v3ordkfucohmi8vnrd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9b3_pq90ebacseac2d0h_99fc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9dxt0bn8gzpb1vv010jnxgorc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9e49tttdxl8pi70qhictkl3cc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9ept0_63ggt04kfr2xoy_fd0b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9k29unm__0yxz4h9a0t00pewc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9l5zw8sa25ppp1drupbbtaufc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9sf0a6pe1nzqusk0qcdvv2vee.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9tn0f5vns0skedmd0iyxooj3b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9ttf9kxoargwusjp0q2x_lxpc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9udv8x__t1k0zl7vv4holmqc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9z210ac1zlxcdtq870nphq6b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP9_lxxjjcatt1rpiq3xc5g7o8.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPa4jbp164xlgn13x2ue2dtx3pb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPa6gfr51iq6n0x09rc5bh4ktjc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPa8ss_7si0zr1r4nng9shcqzfb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPa9krlw497p8098xx10omim3ee.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPafsxakk7ilz0hqwl47q7o07xd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPal4k8esj7tfa1jzgmv83x9ttc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPamcgt_bziorsg2_7mcvvtnq9.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPap9ux0yop04eq263q4ubajdgc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPaqpbm845vj1_bfomllptkubee.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPar_t79ibgr6qkz0g30s0_fvhb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPas9ymodtawr76qnygceukgcl.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPaua00_rfe04e001v6xzjysvmb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPaz90r_idn0fclf03kmqv_4qsd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPazg77yti5dfzb5kodkkb2o64.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPazg9beymttfw0i08sg455i23b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPazspi_etpyennixfji6wde1w.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPa_16efza7ibpupr0exaw56yj.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb0juhazpfdf38ms6aarias_ad.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb24m_ponxjsmlc79yg0ak4bz.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb27rnxgx_jlx7d8rg_ibaxgfc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb3r01sgukt5v1sgwapkcgk0rd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb4rh3wppxux4jwofvs26fqhob.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb5henp7p4bdar9p7dn1lti8zc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb6n_5gv1ufv4vrqjqrs0ty_yc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb6yxr_osmhvu3a2erc1f4wnvb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb70z2n8cm8uzpuqnp4o4ebh0b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb7y07yeswzns3fxyc8v3z6a1d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb9liky_s7nzy8cm47zfib3nlb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb9u1kcglhwea7aa3576ptfw3c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPb9yw6hc7sth7nibilf6oye6j.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPba52elix_fna1dc04e92vat3d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbcx61plh0b0_srpkiyk2_8lyc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbd7hqe0cmjvuuzub_tkicsmbb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbg0bslc532ewfhseh5lwfsnr.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbjxe5ziucwrq70enuas01ozfb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbkjefh6hg2sa0w7vh38tjlb7.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbm7yaykrc8ls545f5xg7tfrtb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbmihzm13mftcxgds0agdbvw6b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbqxirp3qzodi9d7xzpzk3_8r.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbst_mc7zxa75kww75r7xzors.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbudedgsnpu3bt21ycc6cb03_.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPbyhxqsjkmlgnajhzc2f_aeqtb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPc0rm8dyq_uj8kpj78l7t8zpbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPc0wivywa8wxmbtik76n0j75g.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPc14top9li2fds8724p10uu11d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPc4hf0d052l6ljopdybbq0vlz.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPc8xvkkw5lnp1qp0s6qwopa23.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcbjys9vul2bwtapa5f8_4xz4d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcdpt31s8y35m0s7z03wgqeoqd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPceeh11e4ukoh4uxcnqkvvr2sb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPckmdrz1kg0yim7irrz6ekcl_.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcky8cg_0ay_5l1p5_bnweluyd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcndtn2euz3_n301j5nnb_befd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcnk9f74_4ig2hrpfj6t2_hz6c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPcvcre_lmaopw8h6va1ho0ve_d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPc_bod41z0x1e41m36jz0gjij.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPd58au3_4koh2gighm34igye2c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPd7q6jpeod650bdtwzcdws7mgd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPd95oi5ssq1bzig4fv8869q0kc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdb7wj3wvf772yle0l_dbrrnnc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdcwiv1y_ok7qh2w0itb8tlkdc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPddpuvstsptp24oiauwyabh7xd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdds6nabln10yvelex4x12s9pc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPded4sy7klng0akn0gyi9tapkb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdeucao5v7sjsgztjhc7eubatd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdf4po6hg45ki8onrj_lcbcqhc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdfo0grhyuyv24jao8v6in2gic.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdfx03c65p_0mv6m_pf73hkr_d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdgno11wkk6rxwuwx9sim7y6rd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdi77cntpxfqks95bgx4x03v4b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdkyk4q0vz5iyn7j0igrqyydbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdmeb2xow4q9iib980i6u_fbbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdszqaj487g2s3r0ct640qvi7b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdtaryand9q74ykylwbd7n_9vb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdttr75ltkv3cmrbzn7sy9m_wb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdxbnvteer2jax9r7j0odbwfpc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPdxthaeef19o60mm7ba68eztu.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPe2q77qvx7qdfy7_3kyyjwod.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPe7f0m1iqld7c0l4az2sons0g.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPeeuzznmbm60zp5bj9bfgodv8d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPegdqpd5i2j7ab0lpwe8qudw4.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPegwi9i_ie3n3baa_yg16189r.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPei02rc0q76ik2k5rmc1q0f7mb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPen60pzremukgr_a1lekk3kpe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPeu2px24b6d809_lqz5je_0x8.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPewj316h9b4zi18t_zvznr2hbc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPex_mfkyebqamjd0af_hf6g_2.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPey5fk49hjjqm940h3wmet1grb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPf0ook2xw_rlluufi0b6316x4.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPf1ntvauwovvk2a3vhnevejowd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfbuf60v4hxpe_82lnb3vtg_8.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfd0alq04p23qjeyrgc92p5uw.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfdtlzhoo_yusyck5e53q39hw.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfgcs9gelwajtv_tp5k6ur00r.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfhxeypybgq82y1nmdugiqt3vd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfltngsbi8w34bc3wksevk0eac.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfpyke2qhmc13hjuafhd14apm.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfwp10odsr0xo7n9ukfloe501c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfx58q9nakwk9yj401jmvepv9.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPg3r3xw5s0jd1_4fk98fje508b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPg4bopueccd3_kdgiq3m05alr.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPg6soyrukcazd_739arv8vxobb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPg7cia0kyuf0u_399f6m2aiol.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPg7ftewriz867e8kb0g0xuef4b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgab0zn500kdol7gkwmz1p1vv.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgg9nbjfmmb61dgez4n7h4k8dc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPggp09okk271jvm1t95nt4vfe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPghaxlvmycieugskauhij4kru.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPghvih1juwg7rdk6g0ww0l844.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPglt9wkql_l_73uxpq4if54lzd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgn0w7fm3ggwk6uuiumtth6pc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgox00s4kdhv796omwxwi7bxkc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgq46d4wkkfakaqrj4f0ag3kl.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgqbryv3jdwef9gx45qeadmypb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgqtq0efg9jgnwilxbyuc2q7w.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgw53z_nxnith891pg56mc60yd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPh0bsmob0pfswu3kayj12ee5z.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPh40eqy8l5ce30ilzjx1_qfdbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPh9vyol49ol27t0fh0o0wxqtkb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhc90nxrobsfpsub0hfl8u55i.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhcaptk72wb85cv6u0af4ko7zc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhdg4bkb3c5_5v51az4vqjcfnd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhhupchiv335xt30t30j8p19yb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhifhkgad280owhrtrgn0ai6oc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhl8_0i76l5hno5g5po4o7px9d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhlj26k92dmth576le62p1aqhd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhs09r8x_qb_lndk_qrta6v7s.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPhyk8wvc6b17wvtwf9da0mhxo.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPh_4tbk9v8rizc64aqfw03odlb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPh_c47k6jkr0uajvqz04jhy9k.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPh_mxy7pvypbh6lvbmj46rkyp.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPi2f6ne0h98rf5x8zgokza4u3c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPi39fu1hw3z0f5d3sbk0mfis3c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPi79sbxrvr66p0nj3jvrpt0vcc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPi7bkbb56gn5_oxg00qgcp3n8c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPi8ltu70jni3bcdf2yo3q8001c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPieasg1503yh712n622nditp2.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPig5tl9v01qa_p4u521nxxw2de.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPigr3l0oplx4xgnowqsl0g1v2c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPih6zv_9d921uuwlwg5_0dq0.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiicn4p1b1itpndjhcrd_a_yjc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiisv9u1_zex1w40otyvm1dgv.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiiue00uru6tx5em23jii7cuqd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiiyetnxqsykv0mwe6egk_qv6d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiizrh0kebrwi20n59z3aq1uld.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPilxre_uiu2mn0_4gndv12mttb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiscgvfwicwgbkl7l0cc5vnaae.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiu9ofcbo0v_kd8l4rige0n74d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiwbpatfxgv0j5sx1laq8oisqc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPixh5fvfgaaqg74cj4h9p4vztb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiy3xy_r40mro0yh70o469n6xb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiy7e6_40y314norqxk0cpd5mb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPiyoipglmhxfv4j9kmx0sfp0lb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPizv1af3u6qq04a8t8sc60wfob.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPj0zd4r8y5uockq6g939s2a9h.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPj12nhfrsbvi0fda9p2_s9ttoc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPj2cx0auibi8dpiuaowz0czfxd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPj6cc3i66f80a1v8q7hyi1in0.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPj9040avxrv1yjbyu9_4upyp6b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPj92sze9w4dhzjo0bn46hd5u_c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPj9bab301moia_4k8s1stb4kwc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPj9g4t8cfhm_506na00bad40id.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPj9l2act0fxnar8r22wisclssb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjb58m6793ld104i1_pinnjl8c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjbm0ssi3sys73v357n3fklhob.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjcwzv1v7t6jpuzjcb423vgjib.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjdpnl181mu1350chquxzpehtb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjdq38u68h_z96x0vlc0hgt3md.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjep7cqy28wxckd7mom6ib595b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjf7q7xbkxryg98ysnau8a5ygb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjfxz_2btcg50eag5yy847cfr.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjjjtkni6z0fw82vq3oktuvdb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjnib3f2acwaxv4jst0xtl9ezc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjnuicz3ddl7a0c0zr2i42wy0b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjohh967cs3ae1djyj0yaiiq3d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjoixbffvc0tfpi8rbr8p59mbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjoqdzdc9yot0m2z8utxy0dtjd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjsugnyjqzgbfutx2og51cdqe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjtunh_hc2_px16i6k3btgm5_.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjwid0nbx_41wp34lto367oapb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjwnl0an04473q93on257h8ddd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjz32623_ee6t0_ewchb2j8mvd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjz4pzf7jqmynhxlqgtlwhbqud.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPj_6yxflndovp25ghaue5ymnmc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPj_ysjbr865jc0lyvsw2m3fmm.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk077trgy7p6rrx8dcwe7tw0jc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk0zcq_vtn98mh6jqvtteg3zvc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk36ftnx67384ui8zxfpxqkf3.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk6tym123xutrye0_p26i4t0fb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk8xlnufg702acuagj743nc44.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk94pnq28rb13qwff9dvwhn0m.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk9a39_r0upz14xrh_9r2nstwb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPka3z7f00b3vogo_n0hmnu9l9d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkav188m2d0mom9apkou_lry6.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkcoonuc6t25ap8v91kfu35wr.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkcuxfczmso4chbg05v1u6sdw.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkescq5rn_1y2efx08r7hhwftd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkfl7x2408usp5vt002wwr5cud.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkhb02o7pzqiyxmhu9mb2r_yt.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkipgaakbvkwtzkqku635111z.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkk0jrh1hlnm5wp_q40ede9np.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkmn5xxaup0c9oa2drrjkvwttc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkn1o9fp5bv0c96hao82458ped.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkontu354nasav3_pcjkvbszbb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkq4il1wgzxqtrvj5qvy1ozkjc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPktiscs4_bpj8qc02qyf3fduzb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkuv63aktfjw45eapys1d0mkoc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkw2uciyegkq4aoygeqnalbi_c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkxjuf421ixts4gr0y4nccm1ac.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPky4y691wlt9vjh3nc3ovvz5gb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkziq33iofj3rwn6k693sjafld.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPkzkyrz5u79ey96cbfe7yj00m.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPl0pp_5jdg9i_f0twgbohimuvd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPl4hka0t2yv5luxtq0w8l2hxid.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPl8q_zx_cw3aq37djagm914rec.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlctq2r52psiub0bnfoaygfxqd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPldazu0je7jc2a40l3paz3h75d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlf7rms4qbtiy0sal4pis_g7nb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlgytmabfzxvmi9b2_cv0xezid.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlkszot58ut5z13sw72y5p54zd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPllhl4uxzdyu3ps6jzjaaawyod.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlrcbkse4tyym5wn9ymghp_fpc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlrwhkis3kh48cm5t5v75tgild.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlu4tho8qfpqppd7dk16dl2cde.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlwgtul_y4whu7m9hcr6x4guk.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlyy1mdtag8wcxb6uycn7dpuub.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPlzd7lxng9as6b14d97ht1kloc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPm1me1gqus02et_kff49z3jnx.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPm1qtd_eewtpotthstg6g5mibe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPm28_mrq1uxj6yug_728jhy1mb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPm3d_cvdsi7du08hxr0r6bduxc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPm7okyzqhtl105c8dq703ycs1.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPm8xbfp8wv4mg7ma_o1ga0z3dd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPm910s2nf1nqc2tfq6136volnd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmd806j9afyktriwnbtimqs3hd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmf5b_y87r9g51sb5rmxe1_0dc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmh294gwu0yorkmowxsdi90s9d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmhs8r7a03ab54r6_5t94ziapb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmifogbzzbk0etz0avswi1suxd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmji7dkzivonse3uyifxeqqssd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmjr3crt2z5kjh9kepk0yipp_c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmkjaegiawmhqfle8bmop4y5rb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmlb6sd5lgpgepo7922k30t_1c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmmpto4fmu_3tz0bui9nuzx57c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmn4ke0kwmhr1f1bnh3xhnlcyb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmqa1po978n5dp10pxhkgykvhb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPms4ffqembbq113zy4bmhpjbbc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmsm5zz9ap6se68qmzw8q35qxd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmui_x04ambb0d_reutg00655c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmuw588e9nhr9dsepp7lzrtf_.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmyv99kroutigwzbz471fns4ce.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPn0b3838rrd00mup54at5o9xub.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPn0gcofgnpgjnbqlew1228406c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPn0ser08h9syajov79g_qyf4bd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPn2vf3hbvbgljrays7ze0zwiqb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPn310ww80nxzmno_v8itwv9qf.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPn3e8qbpes0014aopkfszl1s0.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPn60msm_pwi6vaxkr0y88wem3d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPn7xfmwwwkk4w4az0dg1j1kffd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPn7yd9ept7w6v59sutdwzggktb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPn9ui04xkr9cjggr49xetqg3g.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPnc37bd2ybowzdxr9d00w45oqb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPncba_etuwjjcqdd9pmr89c_mb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPnflndrjfa_1b2n5bjw0wf9n1.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPnl9gjqt5rt8r6hx4ub2xh883d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPnqs85of17o6ty0kul0z2fxi3.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPnufre_apbqxtyf2hxatfj8svd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPnuh045jga38qo_v2j0x949w7.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPnuzcw6xjv3rn0l72lulvxnjqd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPny8y0cps98r0xmclhetqhxahc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPnz9u75_b0oqo05vt53o_jx2be.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPo0z7swcq0n1cksckhno941x9d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPo4hjtwu83xvcx2koug64hyvhc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPo68c2_rkhzp5u2et3sdml4__b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPo6b2afs_cqjee5xr7qw6jh_0b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPo6_0q0m0tyz4etii94nbt5ptc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPo7z014jhbptusut8c61_wzeub.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPogdqzmsqqti_4z2xymzt3ap7c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPohh3mweaehbrj4jxozy10c8gb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPoidggopa6ooevac60kt8trrqd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPokd0jmfl6n06q6j592ojg8p_.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPoo9s2slm0smhqt8cw379w9kud.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPork22hww2e597q74mm4kig3d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPorqemfasau2ank963jutfhp0c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPortdlwkurhc83d92o8b8_f6rd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPot01qsm6dalpmdz_s3cjnlord.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPotaq373py1jiqgbzcxe87mxsd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPotz5v7u58lld6shnhxb0ez6kb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPoutqyz2p_dxu4kgaumiwohz0.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPowc7s3am7acc22ajvo_omra6d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPoxamjv3dq9vopkrapajxsf9qc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPo_u51zmviovyevq00faxt0b0b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPp045cni0l2f_hhfq9nib72b0d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPp0qt5j22d74l3lm67ajm09enb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPp1rs0d7m60wmnylsowet7gkw.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPp1_3ue8fivebheyc9zdxn6y3b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPp26_sw1hfp7e25vum89051qqb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPp5k4yfhr5x84gbqwf1x8yjctb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPp6706w89ldxafoiqmszb1dmec.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPp6fitdcc6aei67jnnaeydrt8b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpbvqb8twdgx3ols_qjvekap6.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPped3fjlrsr5ewuhr0167z7reb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpf9ffeyyy67jnkljgio5yg01c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPph99xm44nhpr_af3q1zv3p9ib.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpl7e5m4anysw27r3asu90i5ec.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPplp004fthxr7q00bhn6bhmhud.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpo6d95104hbin0_8hq6vw_h7b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPppj_2tb6qheem9n9izwxvwz9d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpqrw8ige8j67tsqnfpjzwztp.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpwqsaloy9b470fvll2ind0bgd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpyhlt606o0a0umcoouensl0nd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpz9m_g1_53_p7s2pr4cgu27qd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPq0bxt8rsfo_vw0pmdhdhd1t0c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPq0fwbehukich0htukv4laoc1.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPq1yulnc6x2v8_z_o2pfolik6d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPq40b02257dd99so7a0_3hp0_c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqaudsdhliqu4i1a6glma9_5ib.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqb0av2ulfbp0_rinaj1rkcxnd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqbdy75wwboj9ufd40efvwi9jc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqbk0y9nakoa7504f4a058_zhb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqcpsi9ipbx3vw0d0aqjmukod.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqde4q7xp6h1m80m95r2awye0c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqegf8mabmhn52nbk_3y5j523b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqjsct0bt9uxj94bw2nimlme_b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqllx7_xv5agknawcjyqpz5zbd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqp0jr05mk75bxcn7lv4x7kn0c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqq6pz0a7dj5g6u76jk9h59bod.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqs1fj1drm00x3zsqeysp1rx6b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqsfpc04hecivgbynkv1yhwly.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqx_r4nl0csf1me_p5h1xu0n9b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqy0u3l__y7q647i29gjjwxscb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPqzsy1_6kvympy3two4m_zalrc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr09l6x29h6ntyu5xjdhqao7ec.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr30iu4melzubxtlo9tgnf4dn.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr3lnybrqbgfo2hr001scq0lk.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr4e838ih085800uwdfbsfzb8.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr6m_ns40lf010qkgjpu5_h7i.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr7mp7und4gcu7e74axlvip0i.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr9pcpey5i1wxxnpwyyx692hxc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr9z2_x4hfwej8s0woyp_bo9jb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPraf0aqldxw6isbviocjmda0fc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrb9qyd015rtauo7vxp1u_ehhb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrcx5vpdsr4o2vk_771po9xo0.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrd32zczmsqwv1mcg6rz2s_hnc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrdc0k3hmz15npnquad962mg0c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPree9i46u6yxevuf0m5_rkko3.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrf3cj3bdei06f5w8_jgcny8qc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrf8diq5qh16orfs9oq4jho_5c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrfn0h1djgsr28iybboti8cqwd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrh7h52oo6jb_fkt7fz271kgsb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrj09zge033rvz2_bxlrdwtjfc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrkat7wb4ppxdji486j48p1q3.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrkq38_ll9dt4ldc_uvj5hzukc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrlak08bajqfi05anom0vii17d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrm0q11sb2oyfcaen_b9ty2c6d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrm5iwhelq487vtkpb01ldts6.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrm64elc6gxhe40ejibyag83j.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrr3xe1m89df35ov8aa16ib00d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrrq_d98trrgqf4ccfqmwflpoc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPryw40j0dt8me0hi8p4a7l52cd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrzq8_o6tfi6m_6r7tv_wordw.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrzro56ysjocyihqo4pbvqr7qc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs0488wtizl1b5qrruyuwqqb6.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs0jn2j72ey2kexs42gi20xvo.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs204rhrx_b5fsmdeuqteymird.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs287mu7h24k2kbue102aywgac.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs2iw8q8zv13i8xg2rzod7zl0c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs49_fazqtwubuhzulxuw7tpyc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs4hh7wybxloow4ccr8gmt8dg.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs6dme6e_50wz4on88sgpqh0xc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs87gxfnx00gmud6zd4mrtm_gb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsd0mob1pl7mp0evjv6qia32qd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPse2g0sbr08fby07ou2m3us0ae.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsfk4ms_jh_35zl85d_lpi4ry.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsfs2o9tug973h06qnz6pqsei.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsg6ieqarbwqmg_b7osq_qnppd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPshtta6uj58fzcxrbqx20vu2r.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsjinnchgjyneyw0_y0xnsq_zb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsm7y49zeehebmtrl101015o0b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsnhejfarspbaewsd5hc3jptd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsobhgxewn8w6td2xsyfawrlwd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsqwsiordij4zxf_knzu5alvsc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPssb0vdyhccdxgxxvt0_kkeixd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsu0syeg90wox29m80bx5h080b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsvkbul3qr8pa9h2krqcy_1j1b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsy0ryavt0edrmxv5xkv5t3ieb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsymdvtno5yio1w0fbnmnv9wrb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs_2cq930vreflw6g8m67jr3sb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPt0ntywr40k7o1vbf7g6g5yjrb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPt53a7sbfido_v203kjs8o88fc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPt7ud1v13qv2u93f3fxuuz6bj.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtb3ka7c6nr0fz7df5vl4qvgpd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtbkx00gvp9gi6tupuo21ebx5b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtbl7zwtrujo6ic_psy6jiw99c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtbycp37c50rnqxnpu5x3d_3uc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPte80pff_bx56md_ez5i6r3ndc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtf9tqw3z9c0q6qanv8isdi5j.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtfepnydtd0268hq50ebs9jm_d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtfwelg_3i0b7sjpe1g8a0v37b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtgvso2f0q4aw0107uu6lbfogc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPth3k0ls9m7zlid7z3sjsnyygc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPti3p4c51xij_fpac2rewofhd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtiqgi4a24r68_ebdijit8ci0d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtkoyzj_k2x2sf0fxjultsni9c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtr1awc01yb610cjsii1h45yyd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtrzvmfm84ns6xoksvm7wsiyzb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtsf_51q764bucbkpdq_0yo25b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtzsjr4hvgy00k3q8mgn70hfae.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu0bg869l2bd6uahxot6wqfwcc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu0y8nddmklm7_epsr24usvv2c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu24nadi1ptw3vy7ldmguvxpi.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu2j_pzate1wz861gnt_2w292b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu4f7u102f33q937m2h_a5zgzd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu7ngy8bpw83o62w_73qekfdtb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu9b9t5jw_20hjqt_2_70_gdzd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu9ie88quaw20xkojo898htjrd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPuautk8_lh5nbwxsx7z5y0j49b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPufep04hr3dtpot2mr6sgne9k.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPufiaxfhzuvhlt2bw1wo9cz36d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPuin8t1kxgo6sm4gxbqygla23.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPunjxjr8nzktdmnclpr5g4qny.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPupurdj0qggn8ic0wdfo6ycbk.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPuq4nshvckkdy20sz50wvwkkkd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPuwwnz0l825c6qj69tvqr8hgnc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPuy700bo0yan9brqwd0d_tjtkc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPuzx4pe0dc5rrrq7_su51y1m9.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu_s6k8tlgz0q1wxldgfuc17ld.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPu_t1wpus63h8ev1zjjeua8nc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPv2rxybuy7s5oe195fqbuck1_d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPv311qp3l3664bgtomf0smwe_c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPv5bu6yrzo93f0t1t34c32ne0c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPv8vz4ot3q1j8xa14h36rrebub.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvatxetmzn3rw9xy0el_zhd0b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvcyl2qte03t3sdzbcpulnmmjb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvf0pggiqv6h1o1aqgkobw8iz.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvf520u0_89uinvw09_268dl8.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvfkyboutbavfx4xor58n54mqb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvfx_upmlkjlddlr933uccvdae.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvg4g0z8axidjhcroto_v00f3b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvgq89oohrdoydgr0l64xhufvd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvias2s01vr6tl43by7nr4g__c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvj4wk41qui_rc2fm5daxf_szd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvknzx0oyciskiwgy2ukm5b2j.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvmpjlczwwbwhxsvwr8w8quykb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvmuoroeergm15rf0o800fjswd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvn6u_ehu64gwoytdjq0g5wdad.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvpdr5o1c7qkpdmosk5l6w7vt.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvq9m2uo65yh_yg485iuv06uac.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvqoy9he04fbr_l995d03_at_b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvrldxugugwep9prp6pjgixplc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvuqlqie6bn502v6p122c0dujd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvw4xujit8nvu5065ls26y250d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvy0_c__oey847v2aqim816g5b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvy8jx0r60bkth355pw6tvko8.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvzxdpbgwj8vzuousn3sv8s6zb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPw283izsgu1xoptu6kt_0_regd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPw6dv2fnkagucwoth0btnrfz8.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwda1zmkjgsnca0p8qznhjvhy.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwdzwhs24dem9_6wf0ti093hod.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPweas8cczy04dpk8k0pem56nc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwgxllnb8l0mocv09ap0ouond.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwjwmju13mkaq05ehrucddu18b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwod16cw0we0ad2jj6ia_xr_yb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwq8htuehp360uz5zq770t1ltc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwsd61wbee1l8eqgh4iijw2gce.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwumvbaz0h0jo196p6xeik2vzd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwxo9b4havthyfbveyn1daet1b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwyflsrizdnbkt768ugnp8lbyd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwypzjc3jwf0070u4qyenxcz4d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPwz41ukal4dn15x_skdoy1n3eb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPx391b8z2pxcmt2irwnvfx73hb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPx4ijqnafwwyhjr5mawoeqrrac.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPx5bdx1pyo0ls01u4_gpps3bgb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPx622a8e1znevh2xru4l5v06dd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPx9bqr4rhnoydljvecjxvf5n0d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPx9e8f2s56yjlgf3725r12vm1.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxc88caxn9q2p068dilzt8kqy.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxda0orvcmb0ba6orv2p4105cc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxje2bkhqzdoz47t23us5kzf.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxlvnz0ib6jla9z5haom4a90fd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxmb6x2g96qxgw0pnx349rqijc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxm__anr9zlpot0numd3o5o9xd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxn6lcwe42awjn7qz04vfbbc7.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxnnl00o96wbzrt77ln0unntlc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxp2hq7kv9ig_p0be8pit2r60.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxqaklrlkffhapy28wspern05c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxus09ndcp07vt6ct4jirsh0gd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxv2tdk5bhjr7jwdblrhx30omb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPxzkjuj90a8qhhzi8xht3qnicb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPx_256xbsw2p4zjbc7hrv50dsb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPy44c0e00fzy90db0zanl32ty.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPy7vgn1c3vl0e69g8u7psx_snb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPycaayxfyf6fly30ddtks9t2bc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyd14azykj090pwfxy91pugh3d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPye7y8i1decc60s8ptehaijftb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyfrw_htjie53ya9dyt8707iad.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyh_vnl803vsejzy99xqew3v3.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyik5exjc24_eoi0zp30r1mzh.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPym0xu2v8li7nigbqhpx0o906.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyn815a7cq0j2ysf5hh5b42g4d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyo0uju9l0nn4mqpiwx607_67c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPys1mnxmbhps46gz36z4jyka_.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyu3_e8c6e26edtnt0rursqfcc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyu4h3fm24t9jjj7do_2yr96s.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyws85_7xx5pr6awdmc18rvto.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPywts7cfndgn6y5ark9rw7i6nc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyzpfez_k3zey8jzc0235fp99d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPz068i3j1j_emud1871sgfyhyb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPz2bea38d1lvfbkynm1d0h874.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPz336ocb2qec2mgzgl16np_zad.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPz3dl0ujebebud9033o01run2b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPz4aynm7k3gk7jkdyswjcwnv1b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPz5qxl7xvruatxez80a00g0a7.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPz8005nq5d2y9rs0rl78ksf14.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPz91ws569u_japnw1lbx__kyid.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzcxk7w5_ohjs3fwf0qu3wqxde.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzdizwkd7knfs6fpq0no0ttfb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzfk9iqy58_didlol_tm09hjce.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzifsutxyjzxjukqwaclr4pdw.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzmt2ognapx274eh51ls5x3o7.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPznncg2khbjnq2waegvwlk6g6c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzp80z6o19k5cgsky0nn8791d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzr5bexcr20a5rhgouer733xpb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzr8hsbn1dm2y60w7eur5wt3jd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzrx_f5wsll8r1kii3ob_m437c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzs994x7igsgwfg13xm17th9gd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzsg600fpgmnm_07fkdl3ojslc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzu3qwm03rquxp02c01b0p0wq.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzvpwwg4wndkbaec36nuqb5d1.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzwieu5i6pm22e4dp0545xlrp.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzxgdpdtffky53xprgw1g49cvd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPzzdkok5qk1yci_16zg1qckb0.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPz_li8jibib6g83bmy2ioxu6lc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_277bx63s188jkg9meqwj9jxd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_417tjgkc2cc0bft63vl4go2c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_5hrgpkqbuamtg_807obdrk2.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_604rd4bwcrltddck8gck402d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_6g5u6uupv1u5_ezid60rg90.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_7c71ismv8btu2y8x41kviv5b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_hiae96d9asuiag8sri73c1hb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_ilvr5qwlauejj0mm5jreia0b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_kmwog_z6isnkq4bc029hskqc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_ln_nl5ycfybprf9m93owzf3c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_uanb14qnwcq2gp9mstkyvghd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP_w6ezm7ax5fctbu5gmxv3w0b.TMP deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 03112015_111116

Files\Folders moved on Reboot...
C:\Users\Alesh\AppData\Local\Temp\WTDFCE.tmp moved successfully.
C:\Users\Alesh\AppData\Local\Temp\WTE387.tmp moved successfully.
C:\Users\Alesh\AppData\Local\Temp\Z@R3B1C.tmp moved successfully.
C:\Users\Alesh\AppData\Local\Temp\Z@R3BAB.tmp moved successfully.
C:\Users\Alesh\AppData\Local\Temp\Z@R45DF.tmp moved successfully.
C:\Users\Alesh\AppData\Local\Temp\Z@R467F.tmp moved successfully.
C:\Users\Alesh\AppData\Local\Temp\Z@R725B.tmp moved successfully.
C:\Users\Alesh\AppData\Local\Temp\Z@R7339.tmp moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb\component.man scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb\inf3086.PNF scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb\inf3086.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\System32\DriverStore\FileRepository\inf3086.tmp_6ba44bcb scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#29 Příspěvek od **Márty84** » 11 bře 2015 12:22

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Nastala nejaka zmena?

alesheek · #30 Příspěvek od **alesheek** » 11 bře 2015 14:02

Myslím, že to funguje dobre. Zásadná zmena k lepšiemu nastala vtedy, keď som napísal, že funguje sťahovanie a streaming, pred zásahom totiž rýchlosť streaming bola extrémne blízka nule, a z ničoho nič bolo vždy sťahovanie ukončené. Podobne streaming videa bol zstavený každých 5 sekúnd.

Takže to rozhodne pomohlo.

Ešte by som mal pár otázok.

Na druhom disku sa objavila zložka $RECYCLE.BIN. Píše, že je vytvorená v r. 2010, ale nevidel som ju tam predtým, asi bola skrytá. Môžem to vymazať?

Rovnako je tam vytvorená záloha registrov, z jedného z krokov, ktoré sme tu robili. Môžem vymazať?

Čo ste vlastne zistili z tých logov? Čo tam boli za chyby, problémy a nedokonalosti?

V jednom príspevku ste písali, že TuneUp nie je dobrá vec. Čo by ste odporučili na priebežnú kontrolu a čistenie. Okrem AVASTu, mám v PC MBAM a potom ešte CleanUp.exe, čo myslím vyčistí Temp súbory...

Vopred ďakujem za odpovede.

VIRY.CZ

Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC

Re: Kontrola pomaleho PC